Load Balanced OpenVPN Tunnels
-
Hi guys,
How easy is it to setup a load balanced setup for OpenVPN?
I currently have a 100Mbit line, only get about 50Mbit through VPN (CPU usage at 30%) - I'd like to consider adding another VPN point to point and load balancing over the two?
For reference, my current setup:
-
Point to point VPN configured between PF and a remote location, no-pull, few custom options for performance.
-
OpenVPN interface (OVPN_INTERFACE) bound to the point to point VPN service (for lack of a better explanation)
-
Firewall rule (policy route) on LAN outbound specifies any traffic originating from 10.1.1.2, use the default gateway (OVPN_INTERFACE), as well as being tagged NO_WAN_EGRESS
-
Outbound NAT rule on OVPN_INTERFACE, any traffic matching 10.1.1.0/24 will be translated by NAT.
-
Floating point rule on Outbound WAN, any traffic matching tag NO_WAN_EGRESS is dropped.
–--------------------------------
Cheers
-
-
Hi guys,
How easy is it to setup a load balanced setup for OpenVPN?
I currently have a 100Mbit line, only get about 50Mbit through VPN (CPU usage at 30%) - I'd like to consider adding another VPN point to point and load balancing over the two?
For reference, my current setup:
-
Point to point VPN configured between PF and a remote location, no-pull, few custom options for performance.
-
OpenVPN interface (OVPN_INTERFACE) bound to the point to point VPN service (for lack of a better explanation)
-
Firewall rule (policy route) on LAN outbound specifies any traffic originating from 10.1.1.2, use the default gateway (OVPN_INTERFACE), as well as being tagged NO_WAN_EGRESS
-
Outbound NAT rule on OVPN_INTERFACE, any traffic matching 10.1.1.0/24 will be translated by NAT.
-
Floating point rule on Outbound WAN, any traffic matching tag NO_WAN_EGRESS is dropped.
–--------------------------------
Cheers
Load balancing may not be the answer. You may want to see if you have a physical, network, or ISP issue first. First question being:
Do you have a 100Mbit line on both ends?
Are the download/upload speeds the same? If not, what are they on each side?
What type of speeds do you get if you direct connect a laptop to the each connection and run some basic Internet speed tests? -
-
100/40 connection - 100/400 speeds off the VPN, about 50/20 through the VPN.
It's clearly a provider issue - you generally never get an OpenVPN provider that can maintain close to 100Mbit/s downstream.
–---------------------------------
What's the next step from here? - anyone know how to load balance OpenVPN tunnels?
-
you generally never get an OpenVPN provider that can maintain close to 100Mbit/s downstream.
Eh, in what part of the world? My VPN provider can max my 150/10Mbps connection on a single thread.