Skip to main content

Why Are There Multiple Interfaces?

Question: Why does Access Server have multiple network interfaces?

Answer:

Multiple interfaces (e.g., as0t0, as0t1) are created to allow multiple OpenVPN daemons to run concurrently, improving performance on multi-core systems.

The OpenVPN 2 codebase operates on a single-thread, using one CPU core. To address this performance limitation on multi-core servers, Access Server spawns multiple daemons—one TCP and one UDP daemon per CPU core by default. A simple load-balancing system using iptables directs incoming VPN connections to the least loaded daemon.

Each daemon uses its own network interface, named as0t0, as0t1, etc., and receives a portion of the subnet defined in the Access Server settings. The system ensures seamless communication between clients connected to different daemons by routing traffic through the operating system’s routing table.

Can't find what you're looking for?

Our support team will be happy to assist you.

Contact Support