(SOLVED) There are moments when OpenVPN is extremelly slow with good connections
-
Hello guys,
I have been noticing that some times users got slow connections from client to side, but each connection is 100/10 Fiber or 21/21 4G. There is no bottleneck between each point.
From several random connections that I have made from 4G, some times I got some kind of bottleneck in Upload or Download, and dont know why.
When I noticed some bottleneck in VPN connection, just to confirm, I made speed tests and exit the connection and then made another speed test.
There are some imgs attached, with some tests that I have made using the same connection.
In system logs, there are no errors as well as in user sides.
I am able to share the openVPN server config if want.
Anyone knows or have saw this problem before?
-
Those users with issues are using Windows.
At first I have set openVPN server without forcing that tunnel to be used as a internet gateway, and I had users(I set 3 users to be my beta testers, two windows and one linux) saying that sometimes they was losing the capability to use internet and connect to devices in the other side of the tunnel. Just Windows users had report this problem. In both server and client sides logs, there was no errors.
From tests that I have made with the previous server config, I tested from another network in this router who is doing the openVPN server, and never encounter such problem, and I have used it for weeks. I have also use it in two laptops and my smartphone at home, simultaneous and I have not found any problem.
For this purposes I was thinking that could be an issue with DNS's, so I activated this tunnel to be used as internet gateway.
After this I start to pay more attention with my android and notice that sometimes, like 1 in 5 attempts, I had a problem with connection speed.
I have just noticed this issue in android. Right now I will use another device with 3G to use as a client, and see if I can repeat this failure point, but in windows.
In this server there is no lack of resources, at least with 1 connection doing a speedtest, CPU usage doesnt pass from 10%.
Router Firewall: Netgate SG-4860
OpenVPN server config:
UDP
tun
DH Parameter: 1024
Encryption Algoritm: AES 128 CBC
Auth digest algoritm: SHA256
Hardware crypto: BSD cryptodev engine
Cert depth: One
Compression: Adaptive compression
Duplicate connection: yes
Block Outside DNS: yes
Force DNS cache update: no
OpenVPN client config:dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA256
tls-client
client
resolv-retry infinite
remote x 1194 udp
lport 0
verify-x509-name "x" name
auth-user-pass
pkcs12 pfSense-udp-1194-fabio.p12
tls-auth pfSense-udp-1194-fabio-tls.key 1
ns-cert-type server
comp-lzo adaptive
-
So I have finally discovered the source of this problem. And I would like to share with you, if you encounter the same issue.
Seems like one ISP was doing traffic shape, and from what I have saw seems like they are targeting UDP packages. I have not test it to be sure because I have changed both UDP to TCP and also the port number to another non official.
In Portugal I have tested this VPN with MEO, NOS and Vodafone, and the ISP that I am talking belongs to Vodafone.