Just to clarify a bad statement from my side
> And if you have OpenVPN 2.4 (or OpenVPN 3 based clients) which can tackle AES-GCM algorithms, this overhead drops to 0, as the authentication is built into the GCM part.

This is somewhat incorrect. The packet overhead does not drop to 0. The packet size is reduced by 8 bytes compared to CBC with --auth SHA1. But the CPU overhead is removed, as the authentication and decryption happen in the same crypto operation. With CBC with --auth, the decryption and authentication are two more or less independent operations.
> what do you think about comp-lzo?
Generally, compression and encryption are questionable. It makes the encrypted data stream a more viable target for compression oracle attacks. If you are concerned about others detecting the contents of the data you transfer, disable compression. If you're more concerned about throughput than security, compression might give an advantage if the contents being transported are compressible. If you mostly transport data that is already compressed (video, audio, etc.), the compression will have little effect while adding more CPU load.
That said, if you want to use compression - move to the newer --compress option instead of --comp-lzo.
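As an added example (not part of the thread and not OpenVPN project code), here is a small Python linter that reads an OpenVPN config and flags the two things discussed above: the legacy comp-lzo option (or any --compress algorithm that still enables compression) and a CBC cipher that needs a separate --auth HMAC. The two config files are constructed samples; the certificate block is a placeholder, not a real certificate.

```python
# Added example: lint an OpenVPN config for the settings discussed in the thread.
# Both configs below are constructed samples, not real deployments.

# Constructed sample in the older style: CBC cipher, separate HMAC, comp-lzo.
OLD_STYLE_CONFIG = """\
client
dev tun
proto udp
remote vpn.example.invalid 1194
cipher AES-256-CBC
auth SHA1
comp-lzo
<ca>
(placeholder, not a real certificate)
</ca>
"""

# Constructed sample using AES-GCM (authentication inside the cipher) and no compression.
NEW_STYLE_CONFIG = """\
client
dev tun
proto udp
remote vpn.example.invalid 1194
cipher AES-256-GCM
"""


def parse_config(text):
    """Return {directive: [args]} for the last occurrence of each directive.

    Comment lines (starting with # or ;) and inline <tag>...</tag> blocks
    such as <ca> are skipped; their contents are not directives.
    """
    directives = {}
    in_block = None
    for raw in text.splitlines():
        line = raw.strip()
        if in_block:
            if line == f"</{in_block}>":
                in_block = None
            continue
        if not line or line[0] in "#;":
            continue
        if line.startswith("<") and line.endswith(">") and not line.startswith("</"):
            in_block = line[1:-1]
            continue
        parts = line.split()
        directives[parts[0]] = parts[1:]
    return directives


def lint(directives):
    """Return a list of human-readable findings for the parsed directives."""
    findings = []
    if "comp-lzo" in directives:
        findings.append(
            "comp-lzo: legacy option; prefer --compress if compression is really needed, "
            "or disable compression entirely (compress-then-encrypt invites compression-oracle attacks)"
        )
    compress = directives.get("compress")
    # "compress <alg>" enables compression; a bare "compress" only enables the framing.
    if compress:
        findings.append(
            f"compress {compress[0]}: compression is enabled on the encrypted stream; "
            "disable it unless throughput matters more than confidentiality"
        )
    cipher = (directives.get("cipher") or [""])[0].upper()
    auth = (directives.get("auth") or ["SHA1"])[0].upper()  # OpenVPN's default --auth is SHA1
    if cipher.endswith("-CBC"):
        findings.append(
            f"cipher {cipher} with auth {auth}: decryption and HMAC check are separate operations; "
            "an AES-GCM cipher authenticates in the same crypto operation and, compared to CBC "
            "with --auth SHA1, is 8 bytes smaller per packet"
        )
    return findings


def lint_text(text):
    """Convenience wrapper: parse then lint a config file's contents."""
    return lint(parse_config(text))


if __name__ == "__main__":
    for name, cfg in (("old style", OLD_STYLE_CONFIG), ("new style", NEW_STYLE_CONFIG)):
        print(f"== {name} ==")
        for finding in lint_text(cfg) or ["no findings"]:
            print(" -", finding)
```

Run it against a real client or server config by reading the file into `lint_text`; an empty list means none of the settings from this thread were found.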