Speed
-
4mbps up – why don't you just get a vps for like $12 a year and have him use that as his vpn exit point.
-
Back in 2009, that was all the rave about IPSEC over OpenVPN, but my impression today (and for the last few years) is that OpenVPN is at least on par performance wise as IPSEC in the real world.
I'm not sure if that is true on FreeBSD. I sadly never found the time to learn the internal principals, how FreeBSD (kernel) works. I made the assumption, that it works on FreeBSD in a similar way how IPsec works like it on Linux does. I'm not sure about that, may a FreeBSD can help you on that question. On Linux, IPsec works on Kernelspace, OpenVPN has to wrap the packets arround a SSL Layer in userspace. This is probably slower, but i havn't made any real world benchmarks. Also IPsec feels more native and almost every OS support it out of the box.
I think the thing, which is more easy to setup is a question of personal taste. I've read from many ppl, who say, IPsec is just so easy to setup. But i had not just one time fiddle around the configs for several hours, to get it work probably.On the other side, i always got OpenVPN work immediately, and found the setup very straight forward, even behind NAT :)
-
While many OS support ipsec out of the box yes, good luck getting it to work in a road warrior sort of setup.. The protocol is mostly blocked when your on some sort of hotspot like hotel or starbucks, etc. Anything with nat really.. Sure if your going to use it site to site on actual public ip space its never an issue.
I don't really see why the OP is messing with any sort of vpn connection when he only has 4mbps uplink.. He can get any lowend vps for cheaper than his time in setting it up on his home box.. And then during football games his bandwidth is crap while his buddy watches a game..
Now if he had a nice fat pipe and wasn't using most of it anyway, ok - but 4mbps.. ouch….
-
While many OS support ipsec out of the box yes, good luck getting it to work in a road warrior sort of setup.. The protocol is mostly blocked when your on some sort of hotspot like hotel or starbucks, etc.
I definitely agree on that, but IKEv2 fixes many of these "issues". I'm experimenting with an android road warrior these days, and got very satisfactonary results with my android road warrior, even it is behind nat. I just don't got the routing to the internet through the native vpn working, but i guess this is an android issue and also not object of this topic.
I also guess, the CPU is not the bottleneck in this topic, but the used Atom CPU is not really the fastest. So the starter of this topic may should take a look on the cpu load, just to be sure that this is not the problem
-
I really don't think his cpu has anything to do with it.. 4mbps is going to be CRAP to stream video through.. And then add the overhead of vpn tunnel.. Good luck trying to use his own internet connection when the remote guy is watching a video.. If he does its going to mess up the stream most likely..
-
Any ideas to optimize for top speed?
Yeah, get a faster connection. 4M is going to suck. Maybe your friend should just buy VPN service like everyone else.
-
He could do that or just get a lowend vps (12-15$ a YEAR) and put openvpn-as on it in like 30 seconds, clickity clickity you have a vpn exit point wherever your vps is.
Why does he even need a US ip, I would think he would want an outside the US IP since nfl.com streaming works for international.. Only the US is stuck with preseason and watching after the fact.. This is going to be his best option for best quality.. http://www.nfl.com/watch-nfl-live
With NFL.com Game Pass you can watch every NFL game online1 live or on demand in high definition. NFL.com Game Pass features DVR controls, multi-game viewing mode options, and many more enhanced features
1Certain restrictions apply. NFL Game Pass is only available to users located outside the United States, Mexico, Bermuda, Antigua, the Bahamas, and any U.S. territories, possessions and commonwealths.
2Additional blackout restrictions apply in Canada, the UK and Republic of Ireland. NFL Network access is not available in Canada -
Thank you for all of the replies. He said the quality was good after switching on the fastforwarding, which surprises me too, but he seems happy.
The cpu doesn't seem to be an issue at all. There is nobody around here that will sell me a faster upstream. I hope Ting or someone like that will come here someday.
This is for college sports, which they should sell internationally, but they don't, so he needs the US.
Is this the type of vps you are talking about? http://lowendbox.com I thought about something like this before, but the ones I looked at were much more expensive.
We started this way, because he was complaining about it and it dawned on me that it would be really easy to do with pfsense, so we could test it for free and go from there.
-
This post is deleted! -
This post is deleted!
