4. Site-to-Site OpenVPN compression slower than Viscosity client

Site-to-Site OpenVPN compression slower than Viscosity client

  • R

    Greetings all,

    I am running a test between my house and the data center using pfSense 2.1.5 and pfSense OpenVPN client vs Viscosity client (Mac version 1.5.3).

    I have two server instances of OpenVPN setup at the DC; one for my Viscosity client listening on port 1194 and the other for the pfSense site-to-site configuration listening on port 1195.  I have enabled LZO compression on both server configs (the server configs are almost 100% identical).  I have enabled LZO compression in my Viscosity config file as well as enabled LZO compression on my client OpenVPN config in pfSense.

    To test the compression speeds, I created a 100MB null test file on a remote server (dd if=/dev/zero of=file bs=1M count=100) and moved this to the web server's directory.  When I establish the OpenVPN connection with my Viscosity client, I get 12MB/sec download using the command, "curl -O http://1.2.3.4/file1".  When I establish the OpenVPN connection using pfSense as the client, I get 7MB/sec download using the same command.  During this time, the CPU on the client side hovers around 55% while the server side stays around 3%.

    I have tried various LZO options on both the OpenVPN client and server configs, but nothing has worked as well as the Viscosity client connection.  I looked over the Viscosity configuration file and made sure the same options were set in the pfSense configs.

    Any pointers?  I would expect both client connection types (Viscosity and pfSense) to give the same compression speeds…

    Thanks.

    0
  • Rebel Alliance Developer Netgate

    How many cores on the client firewall? Sitting at 55% sounds like two cores and one core is fully maxed out.

    Your PC probably has a faster CPU (and perhaps crypto acceleration), so it's not too surprising it handles more VPN traffic than the firewall alone in that case.

    0
  • R

    Thanks jump.

    Yep, that seems to be it.  I am running an ATOM Dual-Core 1.66GHz D510 CPU, and it can only muster about 7-8MB/sec with compression on the OpenVPN tunnel.  I can easily hit 10-11MB/sec using my Mac laptop (Quad-core i7).

    Appreciate the reply.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy