OpenVPN Tunnel DL & UL Speed is Slow
-
@limez17 said in OpenVPN Tunnel DL & UL Speed is Slow:
Hi @JKnott,
Thank you for your response on my thread.
It's been a week now since I started to troubleshoot this issue. But still unable to resolve it.
Do you have a pfSense OpenVPN setup? If yes, may I ask what is your configuration?Yes I do, but it's just a basic configuration, nothing special. All a VPN does is move packets from A to B. It doesn't even worry about stuff like TCP connections etc. In this regard, it's no different than an Ethernet NIC. Given that ssh works well, it's obvious that OpenVPN is working well too.
-
Hi again @JKnott,
I strongly agree with you. I too is using just a basic configuration to move packets from A to B. But it got a little bit salty on the download part from Server to Client.
-
no traffic shaper involved i guess ?
-
@kiokoman none
-
@mcury I've tried internet explorer, edge, mozilla. Same result hehe
-
@limez17 Have you tried IKE tunnel between sites to confirm if the problem is openvpn?
Setup an iperf server at the other side of the tunnel for a good test. -
Hi @mcury,
Good day!
What is IKE? Also how to setup an iperf server? -
@limez17 said in OpenVPN Tunnel DL & UL Speed is Slow:
Hi @mcury,
Good day!
What is IKE? Also how to setup an iperf server?ipsec tunnel. you need to setup phase1 and phase2? This rings nothing to you?
iperf is ez to google -
@mcury found it, installing the iperf now hehe
-
@mcury IPsec tunnel rings a bell. But I want to stick to OpenVPN. I'm planning to deploy OpenVPN client on a Rasbian Pi.
But if not luck settling the score. Will try to putup an IPsec tunnel. Thank you for this recommendation. ^_^ -
@limez17 said in OpenVPN Tunnel DL & UL Speed is Slow:
Also how to setup an iperf server?
You may want to check my posts in another area here. The pfsense Package Manager installs v2 of iperf, which is obsolete and not compatible with the current v3. To install it, you have to run the command "pkg install iperf3". However, you'll have to run it from the command line, as it won't be available under Diagnostics.
-
Actually, running iperf on the firewall is not the best method of testing.
You should install it into the server, or in a device at the server's network, and test from the other side, also not from the firewall.
Test only the throughput.. -
Hi @mcury,
I found the culprit. It turns out my ISP 20mbps internet is asymmetric.
They advertised 20mbps fiber but the DL is the only 20mbps, UL is 8mbps.
I will be testing on my other ISP which is verified symmetric 100mbps.
Will provide feedback. Thank you! -
Asymmetric connections are typical on ADSL and cable, due to bandwidth limitations. However, I have no idea why they often use it on fibre, as so much bandwidth is available.
Incidentally, the theoretical maximum bandwidth on fibre is about 2.5 petabits (2.5 million Gb). If you were to run 250 wavelengths, with DWDM, with each wavelength carrying 100 Gb/s, you use only 1% of that capacity. Fibre supports a LOT of bandwidth.
-
Hi @JKnott,
Our telco company here in country is so greedy