(SOLVED) There are moments when OpenVPN is extremelly slow with good connections



  • Hello guys,

    I have been noticing that some times users got slow connections from client to side, but each connection is 100/10 Fiber or 21/21 4G. There is no bottleneck between each point.

    From several random connections that I have made from 4G, some times I got some kind of bottleneck in Upload or Download, and dont know why.

    When I noticed some bottleneck in VPN connection, just to confirm, I made speed tests and exit the connection and then made another speed test.

    There are some imgs attached, with some tests that I have made using the same connection.

    In system logs, there are no errors as well as in user sides.

    I am able to share the openVPN server config if want.

    Anyone knows or have saw this problem before?









  • Those users with issues are using Windows.

    At first I have set openVPN server without forcing that tunnel to be used as a internet gateway, and I had users(I set 3 users to be my beta testers, two windows and one linux) saying that sometimes they was losing the capability to use internet and connect to devices in the other side of the tunnel. Just Windows users had report this problem. In both server and client sides logs, there was no errors.

    From tests that I have made with the previous server config, I tested from another network in this router who is doing the openVPN server, and never encounter such problem, and I have used it for weeks. I have also use it in two laptops and my smartphone at home, simultaneous and I have not found any problem.

    For this purposes I was thinking that could be an issue with DNS's, so I activated this tunnel to be used as internet gateway.

    After this I start to pay more attention with my android and notice that sometimes, like 1 in 5 attempts, I had a problem with connection speed.

    I have just noticed this issue in android. Right now I will use another device with 3G to use as a client, and see if I can repeat this failure point, but in windows.

    In this server there is no lack of resources, at least with 1 connection doing a speedtest, CPU usage doesnt pass from 10%.

    Router Firewall: Netgate SG-4860

    OpenVPN server config:

    UDP

    tun

    DH Parameter: 1024

    Encryption Algoritm: AES 128 CBC

    Auth digest algoritm: SHA256

    Hardware crypto: BSD cryptodev engine

    Cert depth: One

    Compression: Adaptive compression

    Duplicate connection: yes

    Block Outside DNS: yes

    Force DNS cache update: no
    OpenVPN client config:

    dev tun

    persist-tun

    persist-key

    cipher AES-128-CBC

    auth SHA256

    tls-client

    client

    resolv-retry infinite

    remote x 1194 udp

    lport 0

    verify-x509-name "x" name

    auth-user-pass

    pkcs12 pfSense-udp-1194-fabio.p12

    tls-auth pfSense-udp-1194-fabio-tls.key 1

    ns-cert-type server

    comp-lzo adaptive



  • So I have finally discovered the source of this problem. And I would like to share with you, if you encounter the same issue.

    Seems like one ISP was doing traffic shape, and from what I have saw seems like they are targeting UDP packages. I have not test it to be sure because I have changed both UDP to TCP and also the port number to another non official.

    In Portugal I have tested this VPN with MEO, NOS and Vodafone, and the ISP that I am talking belongs to Vodafone.


Log in to reply