There are moments when OpenVPN is extremelly slow with good WAN connections

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
SipriusPT
OpenVpn Newbie
Posts: 8
Joined: Wed Jun 07, 2017 9:04 am

There are moments when OpenVPN is extremelly slow with good WAN connections

Post by SipriusPT » Wed Jun 07, 2017 9:27 am

Hello guys,

I have been noticing that some times users got slow connections from client to side, but each connection is 100/10 Fiber or almost a stable 21/21 4G. There is no bottleneck between each point.

From several random connections that I have made from 4G in random locations, some times I got some kind of bottleneck in Upload or Download, and dont know why.

When I noticed some bottleneck in VPN connection, just to confirm, I made speed tests and exit the connection and then made another speed test.

From another user using Windows 10, he is experincing another behaviour that cannot use the tunnel when it does his first login, it needs to restart his machine to be able to use the VPN properly. In server side when this problem occurs, the device seems to be able to login. I have not confirm yet if I am able to ping when this happens or if openvpn client is still "green".

There are some imgs attached, with some tests that I have made using the same connection:

http://prntscr.com/fgwd8z
http://prntscr.com/fgwdff
http://prntscr.com/fgwdkz
http://prntscr.com/fgwdow

In system logs, there are no errors as well as in user sides.

Router Firewall: Netgate SG-4860

OpenVPN server config:
UDP
tun
DH Parameter: 1024
Encryption Algoritm: AES 128 CBC
Auth digest algoritm: SHA256
Hardware crypto: BSD cryptodev engine
Cert depth: One
Compression: Adaptive compression
Duplicate connection: yes
Block Outside DNS: yes
Force DNS cache update: no

OpenVPN client config:
dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA256
tls-client
client
resolv-retry infinite
remote x 1194 udp
lport 0
verify-x509-name "x" name
auth-user-pass
pkcs12 pfSense-udp-1194-fabio.p12
tls-auth pfSense-udp-1194-fabio-tls.key 1
ns-cert-type server
comp-lzo adaptive

Anyone knows or have saw this problem before?
Top
TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: There are moments when OpenVPN is extremelly slow with good WAN connections

Post by TinCanTech » Wed Jun 07, 2017 10:09 am

See --log & --verb in The Manual v24x

Set --verb 4 and then check your logs for problems ..
Top
SipriusPT
OpenVpn Newbie
Posts: 8
Joined: Wed Jun 07, 2017 9:04 am

Re: There are moments when OpenVPN is extremelly slow with good WAN connections

Post by SipriusPT » Thu Jun 08, 2017 3:25 pm

TinCanTech wrote:See --log & --verb in The Manual v24x

Set --verb 4 and then check your logs for problems ..
Thanks, I have set it to lvl 4.

But still there is no error or warning about low speed when I am using openVPN =/

There is no overload CPU or any lack of resourses in this server, while it is doing this VPN with several users.
Top
SipriusPT
OpenVpn Newbie
Posts: 8
Joined: Wed Jun 07, 2017 9:04 am

Re: There are moments when OpenVPN is extremelly slow with good WAN connections

Post by SipriusPT » Fri Jun 16, 2017 12:10 pm

So I have finally discovered the source of this problem. And I would like to share with you.

if you encounter the same issue.Seems like one ISP was doing traffic shape, and from what I have saw seems like they are targeting UDP packages. I have not test it to be sure because I have changed both UDP to TCP and also the port number to another non official.

In Portugal I have tested this VPN with MEO, NOS and Vodafone, and the ISP that I am talking belongs to Vodafone. 
Top
Post Reply

Return to “Server Administration”