#1 2017-11-11 15:18:16

lemon
Trusted Member
Registered: 2015-08-27
Posts: 140

improve openvpn speed?

Hi, i use a les box for openvpn, but it's kinda slow (i guess)
I get around 15-20 mbit/s over vpn, ~100 mbit/s on the box itself and 50 mbit/s at my home connection.

Is there something to tweak to get more transmission rate?

server conf:

port *****
proto udp
dev tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
topology subnet
server *.*.*.* 255.255.255.0
ifconfig-pool-persist ipp.txt
script-security 2
keepalive 10 30
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
auth SHA512
cipher AES-128-CBC
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 0
user openvpn
group openvpn
client-config-dir /etc/openvpn/ccd

client conf:

client
dev tun2
proto udp
remote *.*.*.* *****
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
key-direction 1
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
tls-version-min 1.2
cipher AES-128-CBC
auth SHA512
comp-lzo
verb 0
explicit-exit-notify
script-security 2

maybe worth to mention: client has an armv7 cpu (Broadcom BCM4709A0)

edit: openvpn wiki says disabling comp-lzo on computers with low cpu power will help, but that makes it even slower, ~2,5 mbit/s

Last edited by lemon (2017-11-11 18:15:23)

Offline

Board footer