Slow Speeds with OPENVPN

johnpoz · Mar 25, 2020, 5:05 PM

How are you moving the file exactly.. SMB, SFTP, Webdav? NFS?

Keep in mind that SMB for example can be horrible once the latency goes over a few ms

Also keep in mind that vpn adds overhead.. Are you doing udp or tcp? I would suggest you prob take a look at the recent scaling vpn document put out by netgate.

https://docs.netgate.com/pfsense/en/latest/vpn/scaling.html

The reason I mentioned so many things - as there are a lot of moving parts in vpn access that many users do not take into account. And they think oh well I have X speed at both client and server I should be able to move file at X speed..

And just because it comes up so often... and wrong B is used.. Your saying your moving files at 3Mbits per second, or 3MBytes per second?

What is the latency between your client and server is it 10ms, or 100ms for example? This can be a huge issue if your just trying to use windows file copy (smb).. And what version 1, 2, 3 - the chattiness has gotten better in current versions.. Chatty protocols and longer RTT means slowness..

edit: Exactly as JKnott mentions.. I took it that both ends are 100/100 but is really X/Y and A/B where X and A or download, and Y,B are upload..

mttpfsenseadmin · Mar 25, 2020, 5:23 PM

@JKnott The speed of the PFsense device is 100Mbps up and down, the speed at my residence is 940Mbps down and 880Mbps up.

Rico · Mar 25, 2020, 5:28 PM

Like johnpoz said, there is no "Speed" button you can just push.
Provide more information, so maybe we can help.

-Rico

mttpfsenseadmin · Mar 25, 2020, 5:31 PM

@johnpoz I am using NFS for file transferring. I am doing UDP for my connection. The file transfer says 355KBps. When I look at the traffic monitor for the OPENVPN connection, the max bandwidth it reaches is 3Mbps. I am only getting 4ms to 5ms of latency from my home to the server.

johnpoz · Mar 25, 2020, 5:44 PM

4 to 5 ms... Wow your server hosted by the same ISP across the street from you? I don't even get that to my isp gateway ;)

I would look to tweaking your NFS setup... Its known issue that NFS over wan is horrible, etc..

https://thegoodcodeinn.blogspot.com/2015/06/nfs-over-openvpn-over-adslor-slow.html

Can you use say webdav or something to move your data?

Rico · Mar 25, 2020, 5:52 PM

@johnpoz said in Slow Speeds with OPENVPN:

I don't even get that to my isp gateway ;)

PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=57 time=4.863 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=57 time=4.199 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=57 time=4.266 ms

--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 4.199/4.443/4.863/0.298 ms

-Rico

JKnott · Mar 25, 2020, 5:55 PM

@mttpfsenseadmin

One thing to bear in mind is there's no throttling with UDP in the way there is with TCP. This means you have a significant of lost packets, due to a fast connection over running a slower one. UDP is bandwidth constrained by some applications, such as VoIP, but if you're doing file transfers over UDP, I'd expect a lot of lost packets. OpenVPN, while using UDP for the transfer protocol, is limited by TCP in the traffic it carries.

johnpoz · Mar 25, 2020, 6:02 PM

4ms to google - that pretty slick ;)

[2.4.4-RELEASE][admin@sg4860.local.lan]/root: ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=54 time=12.904 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=54 time=14.759 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=54 time=12.974 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=54 time=20.279 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=54 time=16.124 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=54 time=12.191 ms
64 bytes from 8.8.8.8: icmp_seq=6 ttl=54 time=11.919 ms
64 bytes from 8.8.8.8: icmp_seq=7 ttl=54 time=36.262 ms
^C
--- 8.8.8.8 ping statistics ---
8 packets transmitted, 8 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 11.919/17.176/36.262/7.659 ms

mttpfsenseadmin · Apr 13, 2020, 5:25 PM

I was able to resolve my issue. I had the debug setting set very high on the tunnel. Once I lowered the debugging verbosity, my speeds were fine.

JKnott · Apr 13, 2020, 6:13 PM

@johnpoz said in Slow Speeds with OPENVPN:

4ms to google - that pretty slick ;)

Here's mine.

PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=56 time=26.496 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=56 time=12.179 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=56 time=11.206 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=56 time=10.219 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=56 time=13.817 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=56 time=9.764 ms
64 bytes from 8.8.8.8: icmp_seq=6 ttl=56 time=8.719 ms
64 bytes from 8.8.8.8: icmp_seq=7 ttl=56 time=10.771 ms
64 bytes from 8.8.8.8: icmp_seq=8 ttl=56 time=10.745 ms
64 bytes from 8.8.8.8: icmp_seq=9 ttl=56 time=17.773 ms
64 bytes from 8.8.8.8: icmp_seq=10 ttl=56 time=7.366 ms
64 bytes from 8.8.8.8: icmp_seq=11 ttl=56 time=11.967 ms
64 bytes from 8.8.8.8: icmp_seq=12 ttl=56 time=15.246 ms
64 bytes from 8.8.8.8: icmp_seq=13 ttl=56 time=10.638 ms
64 bytes from 8.8.8.8: icmp_seq=14 ttl=56 time=8.609 ms
64 bytes from 8.8.8.8: icmp_seq=15 ttl=56 time=10.193 ms
64 bytes from 8.8.8.8: icmp_seq=16 ttl=56 time=8.295 ms
64 bytes from 8.8.8.8: icmp_seq=17 ttl=56 time=10.942 ms
^C
--- 8.8.8.8 ping statistics ---
18 packets transmitted, 18 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 7.366/11.941/26.496/4.300 ms

It appears to be a bit better than yours. I'm on a 75/10 plan on cable modem.