[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Odd slow down of Openvpn


  • Subject: [Openvpn-users] Odd slow down of Openvpn
  • From: Luke Kearney <lkearney@xxxxxxxxxxxxx>
  • Date: Sun, 08 Jul 2007 02:47:28 +0900

Hello,

For about the last 18 months I have been using Openvpn to provide a
tunnel between several networks. Rather suddenly a couple of weeks ago
the speeds changed dramatically. Both client and server sit on
100Mbits/s circuits a regular backup job between the two networks had
been humming along at a sustained 20 - 25Mbits/s and now down to
2Mbits/s however as part of my troubleshooting I was able to send the
file to the remote host over the public internet and its back at
25Mbits/s. I can download from the central VPN server at expected speeds
its only when I try to upload to the VPN server or anything directly
attached to it.

The only changes on the VPN server were that a couple of new certs were
created and the respective ccd entries created, added CRL checking and
that is it.

Server config below

port 1195
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem
server 192.168.2.0 255.255.255.0
ifconfig-pool-persist ipp.txt
# Push routes to the client
### Network -D
push "route 192.168.3.0 255.255.0.0"
### VPN Clients
push "route 192.168.2.0 255.255.255.0"
### hq Network
push "route 192.68.10.0 255.255.255.0"
### Network - A
push "route 192.168.30.0 255.255.255.0"
### Network - B
push "route 19.168.25.0 255.255.255.0"
### Network - C
push "route 192.168.20.0 255.255.255.0"
### Push DNS server for VPN
push "dhcp-option DNS 192.168.1.2"
push "dhcp-option DOMAIN our.domain.com"
client-config-dir ccd
### Require a client-config-dir entry for all connecting hosts.
ccd-exclusive
### Routes we actually perform
### hq
route 192.168.10.0 255.255.255.0
keepalive 10 120
comp-lzo
#fragment 1400
tun-mtu 1500
tun-mtu-extra 32
persist-key
persist-tun
status openvpn-status.log
management 192.168.1.1 7505
crl-verify /etc/openvpn/keys/crl.pem
verb 4
mute 20

Client as follows:-

client
dev tun
proto udp
remote vpn.ourdomain.com 1195
resolv-retry infinite
nobind
persist-key
persist-tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
;mute-replay-warnings
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/client.crt
key /etc/openvpn/keys/client.key
comp-lzo
verb 4

Both server and client are running RHEL

If there is more information I can provide please let me know.

Thanks


-- 
Luke 

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users