Pfsense on proxmox - slow openvpn
-
I know this question has been asked before in various forms.
But I have read lot's of threads and not managed to fix my issue yet.I am running proxmox with pfsense. Both up to date.
My cpu is a Ryzen 5 3400G
I have a 2 port intel NIC dedicated for pfsense.
It quite happily routes my 350/35 internet no problem.I added an openvpn server and after connecting from a remote client and running iperf at most I get 30mbit. (out of the 350 available) Threads seem to imply 300 is possible. But I should at least get more like 100.
Things I have changed:
- Disabled Hardware Checksum offload (Already had this)
- Change cpu setting to "host" in proxmox (Which allowed the next 2 steps)
- Enabled aes in the main settings
- Enabled crypto on the vpn server
- net.inet.ip.fastforwarding=1
- Different encryption algorithms. AES-128-GCM, AES-256-CBC, AES-256-GCM
All with the same exact result.
Any ideas on next steps I can try.
It feels like I have done all the reccomended steps. -
what do you have on the other side of the tunnel? the same line/speed?
you probably have 30mbit out of the 35 not out of 350 -
My home connection is 350Mbps down 35Mbps up.
Home is the pfsense and vpn server.
Home is the iperf server.My vps is on linode and should not be the limiting factor. fast.com test shows 300Mbps/420Mbps.
I am connecting from my vps to home using openvpn and running iperf in client mode.
So the iperf data is upload from my vps (limit 420Mbps). Download from my home (limit 350Mbps)
So I think I should have 350Mbps available for this iperf test.
Unless I have missed something.
-
I am having the same issue.
A iperf to the WAN side of the pfSense VM over the internet shows 900Mbps. When I try and punch it through OpenVPN site-to-site using the same config as you, 80Mbps. Both sides are 3.5GHz+ Xeon/Ryzen CPUs, but CPU usage on pfSense on both sides is 5%.
An iperf from the WAN -> LAN interface (on a different KVM bridge) also shows 800Mbps+.
