Bad performance, latency and ping

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
depstr
OpenVpn Newbie
Posts: 1
Joined: Sun Jan 28, 2024 8:01 pm

Bad performance, latency and ping

Post by depstr » Sun Jan 28, 2024 8:03 pm

I have my home setup on Raspberry PI-5 8GB model. No CPU heavy tasks are running and ram is used up to 3GB so by resources it is okay. The OpenVPN server is portforwarded on port 1297 via UDP.My ISP provides me with an static IPv4 and IPv6. The speeds from the PI are 40Mbps Down 8Mbps UP.However the connected clients get 1-3Mbps Down & 7Mbps UP and 100+ms ping with 40ms jitter and 10-15% Packet Loss. I have tested the client connection on multiple devices with different networks. And got the same results.

The PI 5 is running Ubuntu 23.10.

Server config:

Code: Select all

port 1297
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 192.168.1.6"
push "redirect-gateway def1 bypass-dhcp"
server-ipv6 fd42:42:42:42::/112
tun-ipv6
push tun-ipv6
push "route-ipv6 2000::/3"
push "redirect-gateway ipv6"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_v40UO7iveJKGmbvp.crt
key server_v40UO7iveJKGmbvp.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3
Client config:

Code: Select all

client

proto udp

explicit-exit-notify

remote <homeip> 1297

dev tun

resolv-retry infinite

nobind

persist-key

persist-tun

remote-cert-tls server

verify-x509-name server_v40UO7iveJKGmbvp name

auth SHA256

auth-nocache

cipher AES-128-GCM

tls-client

tls-version-min 1.2

tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256

ignore-unknown-option block-outside-dns

setenv opt block-outside-dns # Prevent Windows 10 DNS leak

verb 3

<ca>

-----BEGIN CERTIFICATE-----

<redac>

-----END CERTIFICATE-----

</ca>

<cert>

-----BEGIN CERTIFICATE-----

<redac>

-----END CERTIFICATE-----

</cert>

<key>

-----BEGIN PRIVATE KEY-----

<redac>

-----END PRIVATE KEY-----

</key>

<tls-crypt>

#

# 2048 bit OpenVPN static key

#

-----BEGIN OpenVPN Static key V1-----

<redac>

-----END OpenVPN Static key V1-----

</tls-crypt>
Top
Post Reply

Return to “Configuration”