[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] OpenVPN v2.1rc4 on winXP-SP2: strangely big traffic volume


  • Subject: [Openvpn-users] OpenVPN v2.1rc4 on winXP-SP2: strangely big traffic volume
  • From: Tony <kb2wjw@xxxxxxxxx>
  • Date: Fri, 20 Jul 2007 04:27:55 +0400

I sniff on the two interfaces simultaneously - on the TAP-Win32 and on the physical one. The LZO is switched on at both the server and the client (both are winXP-SP2, OpenVPN v2.1rc4).

The test session was the NNTP read|post with the total amount of ~60kB belonging to the NNTP client.

The traffic on the physical adapter has amounted to ~155kB of UDP between my server IP and the client IP address on the ISP network. The traffic is shown to belong to the "openvpn.exe" process.

However, the traffic on the virtual adapter is much, MUCH bigger than that: almost ~710kB total, with ~60kB of it (belonging to Opera.exe) being the NNTP between my client's VPN IP address and the NNTP servers, the rest ~650kB was attributed to some "system" process sending UDP between my client's VPN IP address and my server's public IP address.

The "report-p.htm" is taken on the physical adapter, the "report-v.htm" is from the virtual one.

Is it normal to see that the ~60kB of useful traffic being actually carried as ~155kB of protected traffic?

What could those extra ~650kB be about?

Also, please notice a rather high percentage of sub-64-byte packets.
Is it normal to have ~30% of packets being less than 64 bytes long on a virtual adapter? The ~87% of packets on my physical adapter are in the range of 128-to-255 bytes long.

The physical adapter's MTU is 1450, the client OVPN file is this:

client
dev tap

tun-mtu 1500
fragment 1300
mssfix

dev-node TAP-Win32

proto udp

remote my-openvpn-server 1194
resolv-retry infinite
nobind
persist-key
ca ca.crt
cryptoapicert "THUMB:5a 74 7b ... 82"
ns-cert-type server
tls-auth ta.key 1
tls-remote OpenVPN endpoint

cipher BF-CBC

comp-lzo

pull
verb 3
explicit-exit-notify 5

Please comment.
Thank you in advance.

--
Tony.
Title: CommView Report
Statistics Report
Generated on 20.07.2007 at 4:11:30 by CommView. Capture time elapsed since last reset (hh:mm:ss): 00:51:32

General

Average packets per sec. 0
Average bytes per sec. 233
Total packets 1 474
Total bytes 720 936

  Item \ Direction Inbound Outbound Pass-through
Packets 279 1 048 147
Bytes 38 015 674 190 8 731
Bytes per sec. 12 218 3

Ethernet Protocols

Protocol Bytes Percentage
IP71222398,79
ARP10020,14
802.273321,02
NetBIOS3790,05

IP Protocols

Protocol Bytes Percentage
TCP599568,42
UDP65215291,57
ICMP1150,02

IP Sub-protocols

Sub-protocol Bytes Percentage
HTTP00,00
FTP00,00
POP300,00
SMTP00,00
Telnet00,00
NNTP599568,42
NetBIOS00,00
HTTPS00,00
DNS6670,09
Other65148591,49

Packet Size Distribution

Packet Size Packets Percentage
<64 46531,55
64-127 24716,76
128-255 533,60
256-511 231,56
512-1023 45831,07
>1023 22815,47

 

Title: CommView Report
Statistics Report
Generated on 20.07.2007 at 4:14:09 by CommView. Capture time elapsed since last reset (hh:mm:ss): 00:30:00

General

Average packets per sec. 0
Average bytes per sec. 0
Total packets 0
Total bytes 0

  Item \ Direction Inbound Outbound Pass-through
Packets 0 0 0
Bytes 0 0 0
Bytes per sec. 0 0 0

Ethernet Protocols

Protocol Bytes Percentage
IP00,00
ARP00,00

IP Protocols

Protocol Bytes Percentage
TCP00,00
UDP00,00
ICMP00,00

IP Sub-protocols

Sub-protocol Bytes Percentage
HTTP00,00
FTP00,00
POP300,00
SMTP00,00
Telnet00,00
NNTP00,00
NetBIOS00,00
HTTPS00,00
DNS00,00
Other00,00

Packet Size Distribution

Packet Size Packets Percentage
<64 00,00
64-127 00,00
128-255 00,00
256-511 00,00
512-1023 00,00
>1023 00,00

 

_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users