[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] how to reduce tunnel bandwidth usage caused by abnormal packet overhead


  • Subject: [Openvpn-users] how to reduce tunnel bandwidth usage caused by abnormal packet overhead
  • From: Mohammad Reza Saghaei <adyonall@xxxxxxxxx>
  • Date: Thu, 24 Jan 2008 11:10:52 -0800 (PST)

I am using OpenVPN to handle voice traffic over Internet and I want to reduce my tunnel bandwidth usage.I use UDP tun mode and everythings seems to be working fine except huge bandwidth usage which is abnormal I think.
I used tcpdump to check my udp packet sizes through interface tun0 and the resault is all like this:
12:46:35.452412 IP xxx.xx.63.214.29014 > xxx.xx.99.11.24510: UDP, length 36
12:46:35.462336 IP xxx.xx.63.214.29010 > xxx.xx.99.11.24902: UDP, length 32
12:46:35.466547 IP xxx.xx.99.11.24364 > xxx.xx.63.214.29004: UDP, length 32
12:46:35.482370 IP xxx.xx.63.214.29014 > xxx.xx.99.11.24510: UDP, length 36
 
the I checked the same thing over interface eth0 which is tunneled udp packets including tunneling overhead I think and this is the resault:
12:51:46.302306 IP xxx.xxx.231.162.5002 > xxx.xxx.19.2.32771: UDP, length 101
12:51:46.302337 IP xxx.xxx.19.2.32771 > xxx.xxx.231.162.5002: UDP, length 77
12:51:46.304045 IP xxx.xxx.231.162.5002 > xxx.xxx.19.2.32771: UDP, length 101
12:51:46.311468 IP xxx.xxx.231.162.5002 > xxx.xxx.19.2.32771: UDP, length 101
12:51:46.312140 IP xxx.xxx.19.2.32771 > xxx.xxx.231.162.5002: UDP, length 101
 
So it seems that there is no MTU related problem because packet sizes are very small and not even anything near to 14xx/1500.
but why my tunneled packet sizes become 3 times larger than original ones?! and how can I reduce the overhead to its least possible to lower my requiered bandwidth usage.I searched your archive and could find nothing.
please help me and tell me what are my detailed udp packets overhead and how can I modify them?
I use TLS handshaking and this is one of my clients config file:
client
dev tun
proto udp
remote xxx.xxx.231.162 5002
resolv-retry infinite
nobind
user nobody
group nobody
persist-key
persist-tun
ns-cert-type server
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/client2.crt
key /etc/openvpn/keys/client2.key
comp-lzo
 
thank you,

 
 


Never miss a thing. Make Yahoo your homepage.