[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] Baffling Performance Problems, Any Debugging Ideas?

  • Subject: [Openvpn-users] Baffling Performance Problems, Any Debugging Ideas?
  • From: Blake Watters <blake@xxxxxxxxxxxxx>
  • Date: Thu, 20 Dec 2007 05:41:22 -0500

I am deploying OpenVPN for the forth time in a production setting and  
I am having a baffling set of performance issues that I am totally out  
of ideas for debugging. Here's the situation:

I have two geographically separate clusters of machines, one in a data  
center and one inside our development teams offices. Each cluster  
consists of several machines running Linux Xen with a number of VM's  
inside the machines. On each end I have a VM running OpenVPN over UDP  
in routed persistent tun mode with TLS. In the data center I have a  
pair of NetScreen 50's handling the routing -- they have reverse  
routes configured back to the VPN IP block and the remote LAN. In the  
office, I have a brand new Linksys with the opposite configuration.  
Everything seems happy. Until I start rsyncing or scp'ing data across  
the pipe.

No matter what I do, I can't get the performance into anything beyond  
an absolute joke. I see between 4 and 20k a second data transfers --  
its ridiculous. I've tried changing MTU's, experimented with TCP,  
checked the results from different endpoints across the connection,  
looked at fragmentation settings, everything I can think of. I've  
successfully run VoIP over OpenVPN with far less substantial hardware,  
so I must be missing some key bit data point here or just be so  
cracked out after 10 hours of fighting with it that I am missing  
something obvious.

Anybody have any ideas what could pull the performance down to such  
abysmal levels? Any fresh diagnostic or debugging avenues I should run  
down after some sleep? Help me, I'm struggling here :-P
OpenVPN mailing lists