OpenVPN Support Forum

Good day to all.

I have OpenVPN 2.2.0 under Linux. I need to use tcp protocol, because I need to access my home server (this is Synology NAS if it needed) from my work, but I can only access it though http proxy.
If I test this scenario even from my _home_ network, file copy speed is 6-8 times slower than under udp protocol.
Is this normal? What can I do to improve performance with tcp?
My server config:
port 8080
proto tcp
dev tun
ca ca.crt
cert 192.168.1.110.crt
key 192.168.1.110.key
dh dh1024.pem
topology subnet
# local 192.168.3.110
server 192.168.2.0 255.255.255.0
push "route 192.168.3.0 255.255.255.0"
client-to-client
keepalive 20 180
comp-lzo
max-clients 10
# tun-mtu 1300
# mssfix
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log-append openvpn.log
verb 3
mute 20

Thank you.

there are a couple of things to try:

1) determine the optimal MTU value; this can be done by pinging the server using on linux or using on Windows; vary <size> to find the optimal value; I'd start out with 1472 , as that is the default for ethernet networks.
If the MTU needs to be lowered then lower it on both ends

2) specify an 'mssfix' value e.g 3) add to the server config and restart the server.

If the connection is bad (i.e. packet loss > 10%) then openvpn over TCP will always be much slower than openvpn over UDP (due to the dreaded TCP-over-TCP handshake lockups).

Hi, Janjust

tcp-nodelay was real cure!
Thank you very much. I was really thinking that this option is used everywhere by default now.....

Now tcp speed is comparable (~10% slower) than udp speed.

And I have one more question. Without vpn file copy speed in local network is about 20MB/sec. With VPN established in this local net (no internet for test purpose) file copy speed is 1,5Mb/sec maximum. Is it normal?