|
|
I have an OpenVPN 2.0.9 server running on Windows XP SP2 in Bridged
Mode with the redirect-gateway option enabled. I have found the
performance to be very good. Web browsing is slightly slower, but the
difference isn't very noticeable. However, when I setup an identical
Bridged VPN server on a Debian Sarge (3.1) server, the performance is
terrible. Web browsing is extremely slow even though overall throughput
is decent (10 mbit/sec tested transfer rate of a 200 MB file over a
wireless link.) There is very little cpu usage while the VPN is being
used for web browsing, so I don't understand why the performance is so
poor. I also tried creating a Routed VPN server on the Debian box,
again with the "redirect-gateway" option but the performance is
likewise poor. I have included my server config for the Bridged server
(Windows & Linux) and the Routed Server. I have tried using both
tun and tap, and using both the LAN gateway as my DNS server and my
ISP's DNS server. I still am getting poor performance on the Linux
server, while my Windows server works fine.
Bridged Server config Windows:
port 1194
proto udp
dev tap
dev-node OpenVPN
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh2048.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.0.2 255.255.255.0 192.168.0.150 192.168.0.155
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.0.1"
;push "route 192.168.0.0 255.255.255.0"
client-to-client
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC # AES
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 4
Bridged Server Linux:
port 1195
proto udp
dev tap0
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh2048.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.0.5 255.255.255.0 192.168.0.15 192.168.0.18
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.0.1"
;push "route 192.168.0.0 255.255.255.0"
client-to-client
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC # AES
comp-lzo
persist-key
persist-tun
user nobody
group nogroup
chroot /etc/openvpn
status openvpn-status.log
verb 4
Linux Routed Server:
port 1195
proto udp
dev tap
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh2048.pem
ifconfig-pool-persist ipp.txt
server 10.8.0.0 255.255.255.0
#server-bridge 192.168.0.5 255.255.255.0 192.168.0.15 192.168.0.18
push "redirect-gateway def1"
push "dhcp-option DNS 129.64.99.11"
#push "dhcp-option DNS 10.8.0.1"
push "route 192.168.0.0 255.255.255.0"
client-to-client
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC # AES
comp-lzo
crl-verify crl.pem
persist-key
persist-tun
user nobody
group nogroup
chroot /etc/openvpn
status openvpn-status.log
verb 4
|
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-10/msg00065.html on line 329
Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-10/msg00065.html on line 329
|