Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Sun, 27 Feb 2022 17:02:34 +0100, Bo Berglund wrote: >So I have done a test now: >- Restarted the openvpn.local service on the server (local is only handling the >local LAN traffic) >- Remote LAN upload speed measured with speedtest at 249/150 Mbps. >- An NFS share on the home LAN Ubuntu server is connected to from an RPi4 on >the >remote LAN >- I did a command like this on that remote RPi4 device: >time cp -p videofile.mp4 $HOME/sharedir/subdir > >It came out at 65 s for a file sized 218923372 bytes which means 27 Mbit/s > >So this is pretty good (better than I had before the switch of the cipher), but >it still uses the old ASUS RT-AC68U router. >I expect it to imnprove once I can travel to the site and install an ASUS >RT-AC86U router instead. > FOLLOW-UP on the transfer speed issue: -- I have now replaced the remote site router with a more modern ASUS RT-AC86U unit. So both LAN:s use the same type router now. Same setup regarding OpenVPN Client on the router where I push settings using the ccd file on the server: iroute 192.168.117.0 255.255.255.0 #Disable compression and push it to the client comp-lzo no push "comp-lzo no" #Set different cipher for the ASUS router client cipher AES-128-GCM push "cipher AES-128-GCM" The Internet connection is running at 250/250 Mbps verified using Ookla Speedtest (I have had big problems with the ISP regarding upload speed but that was fixed 4 days ago). With this in place and using an nfs share across the VPN tunnel I can upload a video file from the remote site to my home site as follows: video.mp4 file size: 283,190,409 bytes Command for copy:time cp -p video.mp4 Result: real0m12,823s This calculates to 283,190,409 * 8 / 12.823 = 176.7 Mbps!!! So this shows that the speed obtained is about an order of magnitude faster when switching from RT-AC68U to RT-AC86U router. Same type of transfer using the old router took minutes to complete. -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
Hi! You can hit wire speed if your chosen crypto works fast enough on your CPU. Make sure that every component in the software stack lets you use your CPU hardware encryption acceleration. I use iperf and wireshark for network troubleshooting as it can let you narrow down to the bottleneck instead of single-value benchmarks. For fast and dirty tests I use SCP of large files with random data and ping in "flood" mode with minimum packet size. Please note that OpenVPN is largely user space application and handing billions of packets back and forth to the kernel always has it's price, not just in cpu load, but in scalability, latency and packet loss. And also there are not so many folks around with site-to-site experience on Gigabit speed I suppose. IPsec is de-facto standard for such connections (sometimes under vendor's marketing name). Thank you. On Sun, Jan 30, 2022 at 7:41 PM Bo Berglund wrote: > I have two LAN sections on different locations with IP 192.168.119.0/24 > and > 192.168.117.0/24 respectively. > The two sites will be connected using OpenVPN with 119 being the sever > side and > 117 the client. Routing between them will be configured. > > On the client side the VPN connection will be done through the LAN router > (an > ASUS RT-AC68U) towards the server side Linux OpenVPN server. > Thus all LAN clients on the client side (117) will have access to the whole > server side (119) LAN. > > And the reverse is also true thanks to settings in the Linux Server where > the > remote client via a ccd directive will cause a route to be set up (see > previous > thread "LAN-LAN connection via ASUS Router OpenVPN?" on this list). > > So the two LAN sections will be fully interconnected. > Both sides are set up to route Internet trafic through their respective > local > gateways to get full fiber speed to the Internet. > > I have run a device test for the connectivity using two Internet > connections at > home and this works out well. But I cannot test speed here because of the > connection limitations. > > Now I am wondering in preparation for deploying the routing system: > > Given that both sites will have 250/250 Mbps fiber connections, what will > be the > expected throughput between the two LAN:s for internal LAN-LAN data > transfers? > > The Ookla Speedtest measured Internet access speed on the server side via > its > ASUS RT-AC86U router conforms to the subscribed speed (250/250). > > PS: > What is the best way to test a LAN-LAN transfer speed? > There are no speed test servers available locally > Timing of big file transfers maybe? > > > -- > Bo Berglund > Developer in Sweden > > > > ___ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users > -- Bogdan Rudas Director of IT Europe Exadel Inc. http://www.exadel.com/ E-mail: bru...@exadel.com Skype ID: bogdan.rudas -- CONFIDENTIALITY NOTICE: This email and files attached to it are confidential. If you are not the intended recipient you are hereby notified that using, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error please notify the sender and delete this email. ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Tue, 22 Feb 2022 09:38:58 +0100, Bo Berglund wrote: >On Tue, 22 Feb 2022 00:32:46 +0100, Bo Berglund wrote: > >>On Mon, 21 Feb 2022 13:05:17 +, André via Openvpn-users >> wrote: >> >>>Hi, >>> >>>According to >>>"RMerlin Asuswrt-Merlin dev" the Asus RT-AC-86U can "hit 200 Mbps of OpenVPN >>>throughput". >>> >>>"LouisvilleUK" states "I'm getting full 200 down throughput with >>>PrivateTunnel VPN using AES-128-GCM on the RT-AC86U". >>> >>> >>>https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/page-2 >>> >>I am running OpenVPN 2.4.7 on the server, what ASUS RT-AC68U or RT-AC86U are >>running I don't know... >> >>So can I set the following in the server side ccd config for the ASUSrouter >>client and then the router's OpenVPN client will adhere to the setting? >> >>#Set different cipher for the ASUS router client >>cipher AES-128-GCM >>push "cipher AES-128-GCM" >> >>The full ccd file looks like this in that case: >> >>iroute 192.168.117.0 255.255.255.0 >>#Disable compression and push it to the client >>comp-lzo no >>push "comp-lzo no" >>#Set different cipher for the ASUS router client >>cipher AES-128-GCM >>push "cipher AES-128-GCM" >> >>Will this also work on the older RT-AC68U router? >>I.e. should I wait until I have replaced the router on the remote LAN? >> >>Right now the cipher line in the main server.conf and client ovpn files looks >>like this: >>cipher AES-256-CBC >> >>Is this the culprit, being 256 rather than 128??? >> >>I do not know what is the difference between GCM and CBC... > >Forgot to ask: >Can I in some way from the OpenVPN server command a reconnect from the client >so >it starts using the new cipher? > >If I restart the openvpn service dealing with the client will that force a >renewed connection from the client (I have several services running >concurrently)? According to an offlist reply from @Tincantch a restart of the OpenVPN server service for the connection in question will force the reconnect and thus also the pushed cipher settings take effect. So I have done a test now: - Restarted the openvpn.local service on the server (local is only handling the local LAN traffic) - Remote LAN upload speed measured with speedtest at 249/150 Mbps. - An NFS share on the home LAN Ubuntu server is connected to from an RPi4 on the remote LAN - I did a command like this on that remote RPi4 device: time cp -p videofile.mp4 $HOME/sharedir/subdir It came out at 65 s for a file sized 218923372 bytes which means 27 Mbit/s So this is pretty good (better than I had before the switch of the cipher), but it still uses the old ASUS RT-AC68U router. I expect it to imnprove once I can travel to the site and install an ASUS RT-AC86U router instead. -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Tue, 22 Feb 2022 00:32:46 +0100, Bo Berglund wrote: >On Mon, 21 Feb 2022 13:05:17 +, André via Openvpn-users > wrote: > >>Hi, >> >>According to >>"RMerlin Asuswrt-Merlin dev" the Asus RT-AC-86U can "hit 200 Mbps of OpenVPN >>throughput". >> >>"LouisvilleUK" states "I'm getting full 200 down throughput with >>PrivateTunnel VPN using AES-128-GCM on the RT-AC86U". >> >> >>https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/page-2 >> >I am running OpenVPN 2.4.7 on the server, what ASUS RT-AC68U or RT-AC86U are >running I don't know... > >So can I set the following in the server side ccd config for the ASUSrouter >client and then the router's OpenVPN client will adhere to the setting? > >#Set different cipher for the ASUS router client >cipher AES-128-GCM >push "cipher AES-128-GCM" > >The full ccd file looks like this in that case: > >iroute 192.168.117.0 255.255.255.0 >#Disable compression and push it to the client >comp-lzo no >push "comp-lzo no" >#Set different cipher for the ASUS router client >cipher AES-128-GCM >push "cipher AES-128-GCM" > >Will this also work on the older RT-AC68U router? >I.e. should I wait until I have replaced the router on the remote LAN? > >Right now the cipher line in the main server.conf and client ovpn files looks >like this: >cipher AES-256-CBC > >Is this the culprit, being 256 rather than 128??? > >I do not know what is the difference between GCM and CBC... Forgot to ask: Can I in some way from the OpenVPN server command a reconnect from the client so it starts using the new cipher? If I restart the openvpn service dealing with the client will that force a renewed connection from the client (I have several services running concurrently)? -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Mon, 21 Feb 2022 13:05:17 +, André via Openvpn-users wrote: >Hi, > >According to >"RMerlin Asuswrt-Merlin dev" the Asus RT-AC-86U can "hit 200 Mbps of OpenVPN >throughput". > >"LouisvilleUK" states "I'm getting full 200 down throughput with PrivateTunnel >VPN using AES-128-GCM on the RT-AC86U". > > >https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/page-2 > I am running OpenVPN 2.4.7 on the server, what ASUS RT-AC68U or RT-AC86U are running I don't know... So can I set the following in the server side ccd config for the ASUSrouter client and then the router's OpenVPN client will adhere to the setting? #Set different cipher for the ASUS router client cipher AES-128-GCM push "cipher AES-128-GCM" The full ccd file looks like this in that case: iroute 192.168.117.0 255.255.255.0 #Disable compression and push it to the client comp-lzo no push "comp-lzo no" #Set different cipher for the ASUS router client cipher AES-128-GCM push "cipher AES-128-GCM" Will this also work on the older RT-AC68U router? I.e. should I wait until I have replaced the router on the remote LAN? Right now the cipher line in the main server.conf and client ovpn files looks like this: cipher AES-256-CBC Is this the culprit, being 256 rather than 128??? I do not know what is the difference between GCM and CBC... -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
Hi, According to "RMerlin Asuswrt-Merlin dev" the Asus RT-AC-86U can "hit 200 Mbps of OpenVPN throughput". "LouisvilleUK" states "I'm getting full 200 down throughput with PrivateTunnel VPN using AES-128-GCM on the RT-AC86U". https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/page-2 Sent with ProtonMail Secure Email. --- Original Message --- Op maandag 21 februari 2022 om 09:55 schreef Jan Just Keijser : > For the record: > > On 20/02/22 22:43, Bo Berglund wrote: > > > On Sun, 20 Feb 2022 21:54:44 +0100, Gert Doering g...@greenie.muc.de wrote: > > > > [...] > > > That depends on the CPU in that box, and the SSL library in use. > > > > I am considering exchanging the remote router for a newer model (Asus > > RT-AC86U) > > > > with more computing power... > > > > > AES-256-GCM is extremely fast on CPUs that have AES-NI support (usually > > > > > > "Intel and AMD"). cipher chacha20-poly1305 is fast on some ARM families > > > > > > that have hardware support for that cipher. > > > > > > I don't know what CPU is built into these Asus routers > > Both routers are ARM based and you should not expect terrific > > performance when using AES-GCM. > > Asus RT-AC-68U: > > This router incorporates Broadcom's new BCM4709 Wi-Fi chipset, the > > cornerstone of which is a 1GHz, dual-core ARM Cortex A9 processor > > (from > > https://www.techradar.com/reviews/pc-mac/networking-and-wi-fi/modem-routers/asus-rt-ac68u-1262664/review) > > Asus RT-AC-86U: > > It is powered by Broadcom BCM4906 @ 1.8 GHz chipset, 512 MB RAM and > > 256 MB flash > > (from https://routerchart.com/asus/asus-rt-ac86u-rt-ac86u-369 and it > > seems to be 5 yrs old already; however the Asus website lists the > > RT-AX-86U and it also uses a dual core 1.8 GHz CPU). > > Expect output to be up to 1.8 times faster with the 86U. > > HTH, > > JJK > > ___ > > Openvpn-users mailing list > > Openvpn-users@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/openvpn-users ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
For the record: On 20/02/22 22:43, Bo Berglund wrote: On Sun, 20 Feb 2022 21:54:44 +0100, Gert Doering wrote: [...] That depends on the CPU in that box, and the SSL library in use. I am considering exchanging the remote router for a newer model (Asus RT-AC86U) with more computing power... AES-256-GCM is extremely fast on CPUs that have AES-NI support (usually "Intel and AMD"). cipher chacha20-poly1305 is fast on some ARM families that have hardware support for that cipher. I don't know what CPU is built into these Asus routers Both routers are ARM based and you should not expect terrific performance when using AES-GCM. Asus RT-AC-68U: This router incorporates Broadcom's new BCM4709 Wi-Fi chipset, the cornerstone of which is a 1GHz, dual-core ARM Cortex A9 processor (from https://www.techradar.com/reviews/pc-mac/networking-and-wi-fi/modem-routers/asus-rt-ac68u-1262664/review) Asus RT-AC-86U: It is powered by Broadcom BCM4906 @ 1.8 GHz chipset, 512 MB RAM and 256 MB flash (from https://routerchart.com/asus/asus-rt-ac86u-rt-ac86u-369 and it seems to be 5 yrs old already; however the Asus website lists the RT-AX-86U and it *also* uses a dual core 1.8 GHz CPU). Expect output to be up to 1.8 times faster with the 86U. HTH, JJK ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
Hi, On Sun, Feb 20, 2022 at 11:23:23PM +0100, Bo Berglund wrote: > For clarity so I understand, is this what should be entered into the server > side > conf file (my OpenVPN version is still 2.4.7): > > #Disable compression and push this to the client > comp-lzo no > push comp-lzo no This would disable compression for all clients, yes. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
Hi, On Sun, Feb 20, 2022 at 10:43:11PM +0100, Bo Berglund wrote: > >AES-256-GCM is extremely fast on CPUs that have AES-NI support (usually > >"Intel and AMD"). cipher chacha20-poly1305 is fast on some ARM families > >that have hardware support for that cipher. > I don't know what CPU is built into these Asus routers > > >Compression will slow down your transfers if you are CPU starved. > > I guess I cannot change these on a client-by-client base, right? That depends on the age of the OpenVPN version installed. 2.4.x and up can do per-client cipher settings, and (I think) "about anything" can do per-client compress settings. > Both the client ovpn file and the server side conf file have these two > directives. > > I do have a ccd set up so that I can have special handling when the remote > Router's built-in client connects to my server. > Currently there is only an iroute command inside the client's ccd file. Putting "compress no" and "cipher " in there - matching the client's .ovpn - should work. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sorry, forgot the list. Sent with ProtonMail Secure Email. --- Original Message --- On Sunday, February 20th, 2022 at 22:36, tincantech wrote: > For clarity so you understand, you should check these directives in the > manual. > > Sent with ProtonMail Secure Email. > > --- Original Message --- > > On Sunday, February 20th, 2022 at 22:23, Bo Berglund bo.bergl...@gmail.com > wrote: > > > On Sun, 20 Feb 2022 21:51:20 +, tincantech via Openvpn-users > > > > openvpn-users@lists.sourceforge.net wrote: > > > > > > I guess I cannot change these on a client-by-client base, right? > > > > > > > > Both the client ovpn file and the server side conf file have these two > > > > > > > > directives. > > > > > > > > cipher AES-256-CBC > > > > > > > > comp-lzo > > > > > You can --push compression settings from the server. > > > > > > https://community.openvpn.net/openvpn/wiki/Compression > > > > > > Use the server to disable compression. > > > > For clarity so I understand, is this what should be entered into the server > > side > > > > conf file (my OpenVPN version is still 2.4.7): > > > > #Disable compression and push this to the client > > > > comp-lzo no > > > > push comp-lzo no > > > > And with this in place no client connecting will use compression? > > > > (After I restart openvpn of course) > > > > Bo Berglund > > > > Developer in Sweden > > > > Openvpn-users mailing list > > > > Openvpn-users@lists.sourceforge.net > > > > https://lists.sourceforge.net/lists/listinfo/openvpn-users -BEGIN PGP SIGNATURE- Version: ProtonMail wsBzBAEBCAAGBQJiEsLWACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec 9muQuJ1wUwgAtZu0uMy/bmT6hGjkeaM5rhC0+Tl1jyhPC2qoXqIcwCngdan+ wxRz3fKKCCMtp+FazjMkbGo6Ak3JZzNDr3nbxHZ3Fv0PEyFhxTszk1mSSsrE IQ3nc2NMt4FQJc/JKkA52zjSBnsuCeQXAoitnkByLCX2RZo1ImYk3XfwipCM gfA45UCeebP0BesCnXSKKj+Xxa6oSEckcfmeTVWUUTpfujdsNbF4dpSJfkuL ikwvls5X2S+UfoZZPGxMOzl0a21JdsVFhki2NiBu1jFdks6UJxstpMHKf8lv TuGCOhzVS1z/v8ogXmBaATSGyZbWBOxneIlMXRaw6LqWyz2hdDn/lQ== =Ng0e -END PGP SIGNATURE- publickey - tincantech@protonmail.com - 0x09BC3D44.asc Description: application/pgp-keys publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Sun, 20 Feb 2022 21:51:20 +, tincantech via Openvpn-users wrote: >> I guess I cannot change these on a client-by-client base, right? >> Both the client ovpn file and the server side conf file have these two >> directives. >> >> cipher AES-256-CBC >> comp-lzo >You can --push compression settings from the server. > >https://community.openvpn.net/openvpn/wiki/Compression > >Use the server to disable compression. For clarity so I understand, is this what should be entered into the server side conf file (my OpenVPN version is still 2.4.7): #Disable compression and push this to the client comp-lzo no push comp-lzo no And with this in place no client connecting will use compression? (After I restart openvpn of course) -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Sun, 20 Feb 2022 21:54:44 +0100, Gert Doering wrote: >Hi, > >On Sun, Feb 20, 2022 at 08:19:32PM +0100, Bo Berglund wrote: >> Question (has popped up on the SNB forum concerning use of OpenVPN clients in >> ASUS routers): >> Can the use of the lines below in the ovpn file used by the router affect >> comm >> speed through the tunnel? >> >> cipher AES-256-CBC >> comp-lzo >> >> If another cipher is chosen can the connection transfers be quicker? >> (Considering a computational bottleneck in the Asus RT-AC68U router) > >That depends on the CPU in that box, and the SSL library in use. I am considering exchanging the remote router for a newer model (Asus RT-AC86U) with more computing power... >AES-256-GCM is extremely fast on CPUs that have AES-NI support (usually >"Intel and AMD"). cipher chacha20-poly1305 is fast on some ARM families >that have hardware support for that cipher. I don't know what CPU is built into these Asus routers > >Compression will slow down your transfers if you are CPU starved. I guess I cannot change these on a client-by-client base, right? Both the client ovpn file and the server side conf file have these two directives. I do have a ccd set up so that I can have special handling when the remote Router's built-in client connects to my server. Currently there is only an iroute command inside the client's ccd file. -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
Hi, On Sun, Feb 20, 2022 at 08:19:32PM +0100, Bo Berglund wrote: > Question (has popped up on the SNB forum concerning use of OpenVPN clients in > ASUS routers): > Can the use of the lines below in the ovpn file used by the router affect comm > speed through the tunnel? > > cipher AES-256-CBC > comp-lzo > > If another cipher is chosen can the connection transfers be quicker? > (Considering a computational bottleneck in the Asus RT-AC68U router) That depends on the CPU in that box, and the SSL library in use. AES-256-GCM is extremely fast on CPUs that have AES-NI support (usually "Intel and AMD"). cipher chacha20-poly1305 is fast on some ARM families that have hardware support for that cipher. Compression will slow down your transfers if you are CPU starved. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Mon, 14 Feb 2022 11:14:40 +0100, Bo Berglund wrote: >On Sat, 12 Feb 2022 21:49:07 +0100, Bo Berglund wrote: > >>I also tested the Internet speed using Ookla speedtest: >> >>Remote site: >> Speedtest by Ookla >> Server: RETN - Stockholm (id = 32926) >>ISP: Bahnhof AB >>Latency: 2.56 ms (0.07 ms jitter) >> Download: 248.73 Mbps (data used: 112.6 MB ) >> Upload:57.17 Mbps (data used: 70.9 MB ) <== Suspiciously slow >>Packet Loss: 2.7% > >Since this is unexpectedly slow I have contacted my ISP to ask them to chgeck >up >the speed issue too. I am subscribing to 250/250 so getting a 248/57 speed is >not really OK... > >But the iperf3 measurement shows a still slower transfer of about 10 Mbit/s... >So there is another layer slowing down transfers. Question (has popped up on the SNB forum concerning use of OpenVPN clients in ASUS routers): Can the use of the lines below in the ovpn file used by the router affect comm speed through the tunnel? cipher AES-256-CBC comp-lzo If another cipher is chosen can the connection transfers be quicker? (Considering a computational bottleneck in the Asus RT-AC68U router) -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Sat, 12 Feb 2022 21:49:07 +0100, Bo Berglund wrote: >I also tested the Internet speed using Ookla speedtest: > >Remote site: > Speedtest by Ookla > Server: RETN - Stockholm (id = 32926) >ISP: Bahnhof AB >Latency: 2.56 ms (0.07 ms jitter) > Download: 248.73 Mbps (data used: 112.6 MB ) > Upload:57.17 Mbps (data used: 70.9 MB ) <== Suspiciously slow >Packet Loss: 2.7% Since this is unexpectedly slow I have contacted my ISP to ask them to chgeck up the speed issue too. I am subscribing to 250/250 so getting a 248/57 speed is not really OK... But the iperf3 measurement shows a still slower transfer of about 10 Mbit/s... So there is another layer slowing down transfers. -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On 12/02/22 21:49, Bo Berglund wrote: On Sat, 12 Feb 2022 19:54:20 , tincantech via Openvpn-users wrote: regarding your bottleneck, try iperf3 without the VPN but across the real internet. Hm, That would entail having a way to enter my home LAN in a similar way as with VPN, right? I do have a few DDNS domain names pointing to my router's external address already, so I could add a new port forward for a not so common port (temporarily). If I set up a port forward for such a port to the local server I guess I can then use iperf3 to make a connection and check speed while bypassing the OpenVPN encryption bottleneck. a port forward to an IP address is all that iperf/iperf3 need; I would test it with both iperf (v2.0) and iperf3, as they sometimes give entirely different results. Another thing to try is to temporarily disable encryption in OpenVPN - with v2.3 and 2.4 that was still possible by adding cipher none ncp-disable ## v2.4+ only to the configurations. What I'd test with iperf is iperf client > home IP, port 4 -> forward to server LAN IP, iperf running at port 4 then iperf client > vpn IP, port 4 -> forward to server VPN IP, iperf running at port 4, no ciphers and finally iperf client > vpn IP, port 4 -> forward to server VPN IP, iperf running at port 4 that way you can deduce the exact overhead of OpenVPN itself versus the encryption. Finally, also try playing with the option fragment on both client and server configs, e.g. fragment 1400 mssfix or perhaps fragment 0 mssfix as that can help with performance as well. HTH, JJK Like doing this with port 33456 forwarded by the router to the OpenVPN server: Server: iperf3 -s -p 33456 -1 -f K Client: iperf3 -c -p 33456 -f K - So I tried that: -- $ iperf3 -c .boberglund.com -p 33456 -f K Connecting to host .boberglund.com, port 33456 [ 5] local 192.168.117.251 port 55484 connected to 158.174.1xx.1yy port 33456 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-1.00 sec 2.40 MBytes 2456 KBytes/sec 50 7.07 KBytes [ 5] 1.00-2.00 sec 1.43 MBytes 1459 KBytes/sec 34 5.66 KBytes [ 5] 2.00-3.00 sec 1.25 MBytes 1277 KBytes/sec 39 7.07 KBytes [ 5] 3.00-4.00 sec 1.07 MBytes 1094 KBytes/sec 35 4.24 KBytes [ 5] 4.00-5.00 sec 1.43 MBytes 1460 KBytes/sec 29 9.90 KBytes [ 5] 5.00-6.00 sec 912 KBytes 912 KBytes/sec 34 1.41 KBytes [ 5] 6.00-7.00 sec 1.07 MBytes 1095 KBytes/sec 33 5.66 KBytes [ 5] 7.00-8.00 sec 1.25 MBytes 1277 KBytes/sec 39 9.90 KBytes [ 5] 8.00-9.00 sec 1.43 MBytes 1459 KBytes/sec 42 4.24 KBytes [ 5] 9.00-10.00 sec 1.25 MBytes 1277 KBytes/sec 37 4.24 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 13.4 MBytes 1377 KBytes/sec 372 sender [ 5] 0.00-10.00 sec 13.0 MBytes 1336 KBytes/sec receiver iperf Done. --- End of test --- Seems like I am getting the exact same result here, about 10 Mbit/s only... When I run the test I have to be connected with PuTTY to the remote client and this passes through the VPN tunnel. I hope that is not disturbing the measurements. I assume that there is no encryption involved with the transfers here? The VPN connection is set up to only pass LAN-LAN traffic through the tunnel, while Internet traffic uses the respective router as gateway to the Internet. I also tested the Internet speed using Ookla speedtest: Remote site: Speedtest by Ookla Server: RETN - Stockholm (id = 32926) ISP: Bahnhof AB Latency: 2.56 ms (0.07 ms jitter) Download: 248.73 Mbps (data used: 112.6 MB ) Upload:57.17 Mbps (data used: 70.9 MB ) <== Suspiciously slow Packet Loss: 2.7% Home site: Speedtest by Ookla Server: Bahnhof AB - Stockholm (id = 34024) ISP: Bahnhof AB Latency: 1.48 ms (0.90 ms jitter) Download: 242.70 Mbps (data used: 192.2 MB) Upload: 248.81 Mbps (data used: 368.8 MB) Packet Loss: 0.0% More investigation needed... ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
Hello, On Sat, Feb 12, 2022 at 06:22:41PM +0100, Bo Berglund wrote: > So this is about 10 Mbit/s speed... > I had really hoped for something better than 1/25th of the connection speed. > Is this normal or is there some way to improve the speed? Depending on the hardware, I can measure upto 7-8 MByte/s (~70 MBit/s) through OpenVPN. And the symptom is that one of the CPU is at 100% (OpenVPN is not multithreaded AFAIK). Do you have hardware AES acceleration? Do you observe a CPU maxing out? If not there might be something else going on. An example here, using SSH over OpenVPN, in both cases we simply send data out from Internet to either a) normal Internet b) Internet through an OpenVPN a) SRC: 46.140.72.222 (this is native, 1G/100M link) 10240K, 10870K/s 102400K, 47539K/s b) SRC: 193.72.186.249 (this is OpenVPN) 10240K, 9642K/s 102400K, 9169K/s It's a somewhat small transfer, but the numbers rise with the time. Script: #! /bin/sh BS=4096 COUNT_UP=$((10*1024*1024/$BS)) COUNT_DOWN=$((100*1024*1024/$BS)) for SRC in 46.140.72.222 193.72.186.249 do echo "SRC: $SRC" dd if=/dev/zero bs=$BS count=$COUNT_UP 2>/dev/null \ | ssh -o "ProxyCommand=ssh virtual nc -q 0 -s $SRC some-internet-host-we-will-not-disclose.ch 22" \ some-internet-host-we-will-not-disclose.ch buffer -S 1048576 -s $BS -o /dev/null ssh -o "ProxyCommand=ssh virtual nc -q 0 -s $SRC some-internet-host-we-will-not-disclose.ch 22" \ some-internet-host-we-will-not-disclose.ch dd if=/dev/zero bs=$BS count=$COUNT_DOWN 2>/dev/null \ | buffer -S 1048576 -s $BS -o /dev/null echo done ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Sat, 12 Feb 2022 19:54:20 , tincantech via Openvpn-users wrote: > regarding your bottleneck, try iperf3 without the VPN but across the real > internet. Hm, That would entail having a way to enter my home LAN in a similar way as with VPN, right? I do have a few DDNS domain names pointing to my router's external address already, so I could add a new port forward for a not so common port (temporarily). If I set up a port forward for such a port to the local server I guess I can then use iperf3 to make a connection and check speed while bypassing the OpenVPN encryption bottleneck. Like doing this with port 33456 forwarded by the router to the OpenVPN server: Server: iperf3 -s -p 33456 -1 -f K Client: iperf3 -c -p 33456 -f K - So I tried that: -- $ iperf3 -c .boberglund.com -p 33456 -f K Connecting to host .boberglund.com, port 33456 [ 5] local 192.168.117.251 port 55484 connected to 158.174.1xx.1yy port 33456 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-1.00 sec 2.40 MBytes 2456 KBytes/sec 50 7.07 KBytes [ 5] 1.00-2.00 sec 1.43 MBytes 1459 KBytes/sec 34 5.66 KBytes [ 5] 2.00-3.00 sec 1.25 MBytes 1277 KBytes/sec 39 7.07 KBytes [ 5] 3.00-4.00 sec 1.07 MBytes 1094 KBytes/sec 35 4.24 KBytes [ 5] 4.00-5.00 sec 1.43 MBytes 1460 KBytes/sec 29 9.90 KBytes [ 5] 5.00-6.00 sec 912 KBytes 912 KBytes/sec 34 1.41 KBytes [ 5] 6.00-7.00 sec 1.07 MBytes 1095 KBytes/sec 33 5.66 KBytes [ 5] 7.00-8.00 sec 1.25 MBytes 1277 KBytes/sec 39 9.90 KBytes [ 5] 8.00-9.00 sec 1.43 MBytes 1459 KBytes/sec 42 4.24 KBytes [ 5] 9.00-10.00 sec 1.25 MBytes 1277 KBytes/sec 37 4.24 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 13.4 MBytes 1377 KBytes/sec 372 sender [ 5] 0.00-10.00 sec 13.0 MBytes 1336 KBytes/sec receiver iperf Done. --- End of test --- Seems like I am getting the exact same result here, about 10 Mbit/s only... When I run the test I have to be connected with PuTTY to the remote client and this passes through the VPN tunnel. I hope that is not disturbing the measurements. I assume that there is no encryption involved with the transfers here? The VPN connection is set up to only pass LAN-LAN traffic through the tunnel, while Internet traffic uses the respective router as gateway to the Internet. I also tested the Internet speed using Ookla speedtest: Remote site: Speedtest by Ookla Server: RETN - Stockholm (id = 32926) ISP: Bahnhof AB Latency: 2.56 ms (0.07 ms jitter) Download: 248.73 Mbps (data used: 112.6 MB ) Upload:57.17 Mbps (data used: 70.9 MB ) <== Suspiciously slow Packet Loss: 2.7% Home site: Speedtest by Ookla Server: Bahnhof AB - Stockholm (id = 34024) ISP: Bahnhof AB Latency: 1.48 ms (0.90 ms jitter) Download: 242.70 Mbps (data used: 192.2 MB) Upload: 248.81 Mbps (data used: 368.8 MB) Packet Loss: 0.0% More investigation needed... -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Sat, 12 Feb 2022 18:56:33 +0100, Gert Doering wrote: >Hi, > >On Sat, Feb 12, 2022 at 06:22:41PM +0100, Bo Berglund wrote: >> Connection LAN-LAN: >> Home LAN: ASUS RT-AC86U router >> Remote LAN: ASUS RT-AC68U router >> Remote router connects by OpenVPN to home OpenVPN server and the system has >> been >[..] >> Erlier tests with the server and client on the same LAN showed speed maxing >> out >> in the hundreds of Mbit/s. So the bottleneck seems to be OpenVPN. > >From what I could find, this router has a dual-core ARM CPU with 800 MHz, >which is just not very fast. For "regular packets" this is fast enough >(it might have hardware that helps with "normal routing") but if doing >crypto, I'm not sure how much you can achieve. So there may be more recent versions of routers that are faster in this respect? The two I use are different, the RT-AC86U is new whereas the other is the one I used at home before. And this is the one running the OpenVPN client so it encrypts the data. On the home side the ASUS RT-AC86U router just funnels the packets to the openVPN server, which has pretty capable hardware to decrypt the data. Maybe I should look for a replacement router instead of using the old home router? >If OpenVPN is new enough, going for "--cipher CHACHA20-POLY1305" might >help, as this can be accelerated nicely on (modern) ARM CPUs, while >the default 2.4+ cipher (AES-256-GCM) is only hardware-accelerated on >Intel CPUs with AES-NI instruction. I suspect that the OpenVPN version is pretty old on the ASUS RT-AC68U router... -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
Hi, On Sat, Feb 12, 2022 at 06:22:41PM +0100, Bo Berglund wrote: > Connection LAN-LAN: > Home LAN: ASUS RT-AC86U router > Remote LAN: ASUS RT-AC68U router > Remote router connects by OpenVPN to home OpenVPN server and the system has > been [..] > Erlier tests with the server and client on the same LAN showed speed maxing > out > in the hundreds of Mbit/s. So the bottleneck seems to be OpenVPN. From what I could find, this router has a dual-core ARM CPU with 800 MHz, which is just not very fast. For "regular packets" this is fast enough (it might have hardware that helps with "normal routing") but if doing crypto, I'm not sure how much you can achieve. If OpenVPN is new enough, going for "--cipher CHACHA20-POLY1305" might help, as this can be accelerated nicely on (modern) ARM CPUs, while the default 2.4+ cipher (AES-256-GCM) is only hardware-accelerated on Intel CPUs with AES-NI instruction. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Sun, 30 Jan 2022 17:27:20 +, tincantech via Openvpn-users wrote: >To test your speed use iperf3 > I have now deployed the eqipment to the remote LAN and installed the fiber connection there. It is a 250/250 Mbit/s connection like what I have at home. So now I have done the iperf3 test in the real hardware. Server: Ubuntu Server 20.04.3 on Lenovo PC on home LAN (OpenVPN and file store) Client: Ubuntu Mint 20.3 on HP PRODESK PC on remote LAN Connection LAN-LAN: Home LAN: ASUS RT-AC86U router Remote LAN: ASUS RT-AC68U router Remote router connects by OpenVPN to home OpenVPN server and the system has been set up to be bidirectional (see separate thread here: "LAN-LAN connection via ASUS Router OpenVPN?"). Test with iperf3 (server at home, client at remote LAN) $ iperf3 -c 192.168.119.216 -f M Connecting to host 192.168.119.216, port 5201 [ 5] local 192.168.117.251 port 43860 connected to 192.168.119.216 port 5201 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-1.00 sec 953 KBytes 0.93 MBytes/sec 26 8.72 KBytes [ 5] 1.00-2.00 sec 1.06 MBytes 1.06 MBytes/sec 31 4.98 KBytes [ 5] 2.00-3.00 sec 1.49 MBytes 1.49 MBytes/sec 32 3.74 KBytes [ 5] 3.00-4.00 sec 1.35 MBytes 1.35 MBytes/sec 28 2.49 KBytes [ 5] 4.00-5.00 sec 1.40 MBytes 1.40 MBytes/sec 27 4.98 KBytes [ 5] 5.00-6.00 sec 1.02 MBytes 1.02 MBytes/sec 28 7.48 KBytes [ 5] 6.00-7.00 sec 1.49 MBytes 1.49 MBytes/sec 33 6.23 KBytes [ 5] 7.00-8.00 sec 1.32 MBytes 1.32 MBytes/sec 31 3.74 KBytes [ 5] 8.00-9.00 sec 1.43 MBytes 1.43 MBytes/sec 21 13.7 KBytes [ 5] 9.00-10.00 sec 1.59 MBytes 1.59 MBytes/sec 34 6.23 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 13.1 MBytes 1.31 MBytes/sec 291 sender [ 5] 0.00-10.00 sec 13.0 MBytes 1.30 MBytes/sec receiver So this is about 10 Mbit/s speed... I had really hoped for something better than 1/25th of the connection speed. Is this normal or is there some way to improve the speed? Erlier tests with the server and client on the same LAN showed speed maxing out in the hundreds of Mbit/s. So the bottleneck seems to be OpenVPN. Grateful for any tips on improving this. -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Mon, 31 Jan 2022 08:30:37 +0100, Gert Doering wrote: >Hi, > >On Mon, Jan 31, 2022 at 08:24:58AM +0100, Bo Berglund wrote: >> [ ID] Interval Transfer Bitrate Retr >> [ 5] 0.00-10.00 sec 1.10 GBytes 115283 KBytes/sec0 >> sender >> [ 5] 0.00-10.00 sec 1.10 GBytes 114916 KBytes/sec >> receiver >> >> iperf Done. >> >> Seems like here I have 1 Gbit/s transfers (given 8 bits per byte)! :) > >That is amazing indeed :-) > >Are you sure you were talking across the VPN, and not just locally >in the LAN? > This was internal connections between two Linux boxes on the same LAN. Just for testing the iperf application and the local speed using Gigabit switches... So no VPN connected yet. I have to deploy the 117 LAN equipment and switch that LAN from 4G mobile broadband to the fiber network and it has to be done on location. I am preparing as much I can before the 100 km trip to the other site. -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
Hi, On Mon, Jan 31, 2022 at 08:24:58AM +0100, Bo Berglund wrote: > [ ID] Interval Transfer Bitrate Retr > [ 5] 0.00-10.00 sec 1.10 GBytes 115283 KBytes/sec0 > sender > [ 5] 0.00-10.00 sec 1.10 GBytes 114916 KBytes/sec > receiver > > iperf Done. > > Seems like here I have 1 Gbit/s transfers (given 8 bits per byte)! :) That is amazing indeed :-) Are you sure you were talking across the VPN, and not just locally in the LAN? gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Sun, 30 Jan 2022 21:31:58 +0100, Bo Berglund wrote: >>To test your speed use iperf3 > >Thanks for the suggestion of this tool!! :-) > >I found a good intro to its usage here: >https://www.tecmint.com/test-network-throughput-in-linux/ Just performed the test with both server and client on my home LAN: $ iperf3 -c 192.168.119.216 -f K Connecting to host 192.168.119.216, port 5201 [ 5] local 192.168.119.237 port 39988 connected to 192.168.119.216 port 5201 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-1.00 sec 114 MBytes 117184 KBytes/sec0409 KBytes [ 5] 1.00-2.00 sec 112 MBytes 114859 KBytes/sec0409 KBytes [ 5] 2.00-3.00 sec 112 MBytes 114550 KBytes/sec0409 KBytes [ 5] 3.00-4.00 sec 112 MBytes 114983 KBytes/sec0409 KBytes [ 5] 4.00-5.00 sec 113 MBytes 115227 KBytes/sec0409 KBytes [ 5] 5.00-6.00 sec 112 MBytes 114803 KBytes/sec0409 KBytes [ 5] 6.00-7.00 sec 112 MBytes 114797 KBytes/sec0409 KBytes [ 5] 7.00-8.00 sec 113 MBytes 116025 KBytes/sec0771 KBytes [ 5] 8.00-9.00 sec 112 MBytes 115201 KBytes/sec0 1.08 MBytes [ 5] 9.00-10.00 sec 112 MBytes 115197 KBytes/sec0 1.08 MBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 1.10 GBytes 115283 KBytes/sec0 sender [ 5] 0.00-10.00 sec 1.10 GBytes 114916 KBytes/sec receiver iperf Done. Seems like here I have 1 Gbit/s transfers (given 8 bits per byte)! :) -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
Hi, On Sun, Jan 30, 2022 at 09:31:58PM +0100, Bo Berglund wrote: > But I have 250/250 Mbit symmetric fiber so there is no network difference on > direction of data. I am plan to put a backup server on the 117 LAN and it > needs > to have decent throughput so that the backups will not take forever... > Weekly incremental backups usually comprise about 10 GBytes. > But when a full backup hits then we are talking approximately 400 GBytes. You'll have to measure. Most likely the CPU of the ASUS routers will be the bottleneck - depending on what is in there, no hardware acceleration for crypto, etc. - so I'd expect "some 50 Mbit/s", not more. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
On Sun, 30 Jan 2022 17:27:20 +, tincantech via Openvpn-users wrote: >Hi, > >Sent with ProtonMail Secure Email. >* Which now seems to edit your text out .. ? I use an Agent Newsreader and communicate via the Gmane news mirror of the mail list. Works like a charm since I started like 15 years ago or so... > >To test your speed use iperf3 Thanks for the suggestion of this tool!! :-) I found a good intro to its usage here: https://www.tecmint.com/test-network-throughput-in-linux/ >Remember, the upload speed is the usual bottle-neck. > I guess that is true for ADSL and the like (asymmetric DSL). But I have 250/250 Mbit symmetric fiber so there is no network difference on direction of data. I am plan to put a backup server on the 117 LAN and it needs to have decent throughput so that the backups will not take forever... Weekly incremental backups usually comprise about 10 GBytes. But when a full backup hits then we are talking approximately 400 GBytes. -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Expected transfer speed LAN-LAN using OpenVPN?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, Sent with ProtonMail Secure Email. * Which now seems to edit your text out .. ? To test your speed use iperf3 Remember, the upload speed is the usual bottle-neck. BR ‐‐‐ Original Message ‐‐‐ On Sunday, January 30th, 2022 at 16:40, Bo Berglund wrote: > Bo Berglund > > Developer in Sweden > > Openvpn-users mailing list > > Openvpn-users@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/openvpn-users -BEGIN PGP SIGNATURE- Version: ProtonMail wsBzBAEBCAAGBQJh9spoACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec 9muQuJ1TwAf9GWFMgy+nIgvrqadxcKN2tdzkA3hGygkleNHQud/EINfCQa7/ X3RXlRm8BB27YFRJ7etLhQ26EdMm27cIiqiUeW2P20ke/uS/M8ZlNVEIAPZW ljPGLqzztFHupXtjOId0dE9PxZSi15L9kz6sHnYdHlc0Ka41pT48rWfEKbx7 Ubydksti1PtZ9R6txU7BZC/PDB8uZFXQ9qTAwmHm+odK07vIamZ1pfiBB3Dx G2bLm/rJIrj0RanlrvnqFKmghn83YJNcV8DVe578v8YFJ85UbHuj2S+pd9CP tztVMNfEBiLM46oewxBT0/xb5ViVk2ROafbxwBR7/WRoFo10CInFDw== =V0ok -END PGP SIGNATURE- publickey - tincantech@protonmail.com - 0x09BC3D44.asc Description: application/pgp-keys publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users