OpenVPN packet loss



  • Hi all,
    I've setup an OpenVPN client from my pfSense machine (2.4.3 on ESXi 6.7) to a VPS, and I have around 5/10% of packet loss but no disconnection.
    I've tried to configure the same VPN directly on a Windows 10 machine behind the same pfSense and it's working fine without any packet loss.

    I'd exclude DSL-related problems because Windows machine uses the same WAN line and in pfSense interface I have 0% packet loss for that WAN.

    OpenVPN server is configure with UDP tun, encryption AES-128-CBC and autenthication SHA256.
    I've tried to enabling UDP Fast I/O and Intel RDRAND acceleration (I don't know if it's working in virtual environments) but without success.

    Is there something that I can check/tune to solve the problem?

    Thanks,
    Gabriele


  • LAYER 8 Rebel Alliance

    Generally speaking I would not recommend using 6.7 ...it's buggy in many ways.
    Try to switch between VMXNET and E1000 or vice versa.
    When using VMXNET you should have Open-VM-Tools installed.
    Enable promiscuous mode on the vSwitch, Enable MAC Address changes, Enable Forged transmits.

    -Rico



  • Actually I don't have any problem with 6.7 (running Windows Server and Ubuntu Server VMs), seems also strange that problem is caused by vmware because it should affect also traffic from the Windows client that it's behind pfSense but runs VPN flawless without packet loss.
    I've followed all requirements and suggestions in order to virtualize pfSense on ESXi so everything it's already enabled (with VMXNET ethernet interfaces) and it's working fine since some years & upgrades (I think I've installed it when there was pfSense 2.1 and ESXi 5.5/6.0)


Log in to reply