Optimize OpenVPN connection
-
The Pfsense firewall is based on an Intel i3-7100U running at 2.4GHz and has 8GB of RAM and a SSD. No other packages are running and cpu is typically 0-2%. The firewall is on a 300/300 connection and works great. I was recently at a location that also has a 300/300 connection (verified using speedtest on multiple servers) and when I enabled the Openvpn connection I only achieved a 100/100 using multiple speedtests on different servers. Is this typical Openvpn performance? I am running an AES-128-GCM/SHA256 cipher and the crypto engine is set to BSD Cryptodev engine. In the Pfsense Advanced/Misc settings the cryptographic hardware is set to AES-NI and BSD Crypto Device. Anything else I can do to optimize performance? I tried adding sndbuf 524288 and rcvbuf 524288 to the Openvpn custom options but there was no change in performance so I removed them. Suggestions?
-
@jeff3820 said in Optimize OpenVPN connection:
set to BSD Cryptodev engine. In the Pfsense Advanced/Misc settings the cryptographic hardware is set to AES-NI and BSD Crypto Device
Disable both.
Try playing with different values for snd/rcvbuf.
Also, can play with--txqueuelen n
See manual 2.4:
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
Above settings apply to server and client separately.