Problem with OpenVPN Speed limit at 2mbps ?

ictdude - did you figure it out in the end?

Thanks

Thats right but i also have the same problem using a Hetzner server ..

And dont forget if i dont use OpenVPN tunnel and download direct like port 80 or ftp 21
I have full speed. Now i run Tun (Routed) i will try to go Tap (bridged) see what the outcome will be.
Well still dont give up here .. go thru all options ..


SOLVED ...............

I did use a 50/50 up-down line from a company i used to work for ..... And i had the full speed
Conclusion i must be the ISP wh for some reason dont support or block Full access speed openVN.

Strange but what els can it be ...

It could be the data connection between yourself and the server. Which might be outside OVH's control.

Thank you for the reply ..

For testing i did order a small OVH vps server. Use to have dedicated servers here.
Now i am on hetzner. Also on a 1Gbit connection. There i also have a test server.
Connection between servers over OpenVPN looks good.

Its only slow downloading from my provider and a friends cable provider. (adsl and cable speed or 25 and 50 mbps.)

I also connected the Hetzner server to the OVH vps that speed was ok ...

When i download from my OVH vps server its max 3mbps. Don't know why.
Its just a basic debian server with OpenVZ nothing special here ...

If you got some time i can give you a login and would really like to know how it looks from your site ..
I am looking to this problem now a few days ... if you get 10 or 50 on my ovh vps that it must be a other
problem .. how does your server.conf of the openvpn looks like ?

Just run: grep -vE '^#|^;|^$' server.conf in you're openvpn directory ..

We use OpenVPN on a Dedi of ours in OVH and we find that the speed varies depending on time of day. During the day we see a limit of about 10mbit (we are on 100mbit lines in our our office). During the night we can pull upto about 50mbit (Our server is on a 1Gbit connection). So I don't think OVH limit the bandwidth. (by the way that is TCP connection).

What DC are you in?

Thank for you're reply.
Those settings did not make it faster :-(

What is your speed ? From internet to your OpenVPN Server ?
And how do you test this ?

Main diffs with my server and client conf is:

Server config: Test server

# grep -vE '^#|^;|^$' server.conf


tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
port 1194
proto udp
dev tun
ca ca.crt
cert server2.crt
key server2.key # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3


Client config:

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

# the firewall for the TUN/TAP interface.

dev tun

tun-mtu 1500
mssfix 1450

proto udp

remote "Myserver" 1194

resolv-retry infinite

nobind

persist-key
persist-tun

ca ca.crt
cert mysecret.crt
key mysecret.key

ns-cert-type server

comp-lzo

# Set log file verbosity.
verb 3

Thanks for your reply Myatu ..

I already switched UDP to TCP and visa versa.

But i did noticed something strange. Let me explain what i found out:


Some other test i did for diagnose ...

1. home adsl internet to Hetzner server running OpenVPN. 2mbps MAX.
2. Home cable internet (Tested at friends house) --> to Hetzner server running OpenVPN. 2mbps MAX.

3. Did order a OVH VPS ... and did test it again .. same 2mbps MAX ..


Now the strange part:

I have 1 extra test server at Hetzner.

Connected Windows Terminal KVM Proxmox (Hetzner server) to my test Hetzner server (Running OpenVPN)
What did is see ? A speed of 10 mbps and higher.

Then i did install OpenVPN on my OVH vps server.

Connected Windows Terminal KVM Proxmox (Hetzner server) to OVH server (Running OpenVPN)
Again a good speed the TAP device was running at 99 % CPU rise up. So good connection.

So what is the diagnose here ?

If you stay in the data-center (OVH or Hetzner) you have 10 mbps or much higher i noticed.

Its strange if your ISP home internet has like 20 or more download and you only
get a max of 2mbps.

Like the bottleneck is you're ISP cut VPN speed. I did try a cable and adsl ISP.
Both the same speed at 2mbps.

So what do you think now ppffff... Is it OVH Hetzner or you home ISP ?

Any feedback would be welcome ......

My VPN runs through UDP at full speed (TCP added massive latency for me in fact)
Can you post your redacted client / server confs?

Probeer TCP ipv UDP. UDP used to be throttled, which may very well be still the case.

Dear all,

I have successfully installed OpenVPN server.Tunnel works fine but ...
But the download speed is limited at 2mbps ?

Direct download with out tunnel has full speed.
Tun0 network no firewall for now. (For testing)

Version 2.2.1-8+deb7u2
Architecture amd64


I did try all options to fix this like:


1. lack entropy ? install entropy. Now availible 4095.
2. Change MTU settings
3. Disabled compression
4. Did get a fresh test server same problem ?
5. Server has enough power I7 X980 24G RAM
6. net.inet.ip.fastforwarding=1 net.ipv4.ip_forward=1

Do somebody has experience installing this at OVH servers ?
If it works fine on OVH then i will get a OVH box ;-)

I use to have some servers at OVH.
This problem is on some hetzner servers.

I was thinking problem is there network setup.
And maybe i need to get a server at OVH ?

But then how is the speed with OpenVPN at OVH servers ?
So before i get a box here again. :-)

Hetzner has a special network setup. Don't know if that is the problem.
There gateway on a dedicated server is route like this .. (They don't support software only there hardware ..)

# device: eth0

auto eth0

iface eth0 inet static
address 78.46.71.y
broadcast 78.46.71.223
netmask 255.255.255.224
gateway 78.46.71.x

# default route to access subnet

up route add -net 78.46.71.192 netmask 255.255.255.224 gw 78.46.71.x eth0

As you can see there gateway x is indirect routed ...
Must be for security reasons like ?

Here my OpenVPN connection log:


Could connect as usual:

Wed Apr 23 13:12:30 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Apr 23 13:12:30 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Apr 23 13:12:30 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Apr 23 13:12:30 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Apr 23 13:12:30 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Apr 23 13:12:30 2014 [server2] Peer Connection Initiated with [AF_INET] 78.46.x.y:1194 <--- My Debian server
Wed Apr 23 13:12:31 2014 MANAGEMENT: >STATE:1398251551,GET_CONFIG,,,
Wed Apr 23 13:12:32 2014 SENT CONTROL [server2]: 'PUSH_REQUEST' (status=1)
Wed Apr 23 13:12:32 2014 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Wed Apr 23 13:12:32 2014 OPTIONS IMPORT: timers and/or timeouts modified
Wed Apr 23 13:12:32 2014 OPTIONS IMPORT: --ifconfig/up options modified
Wed Apr 23 13:12:32 2014 OPTIONS IMPORT: route options modified
Wed Apr 23 13:12:32 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Apr 23 13:12:32 2014 MANAGEMENT: >STATE:1398251552,ASSIGN_IP,,10.8.0.6,
Wed Apr 23 13:12:32 2014 open_tun, tt->ipv6=0
Wed Apr 23 13:12:32 2014 TAP-WIN32 device [LAN-verbinding 28] opened: \\.\Global\{C20D36A6-FD19-482F-A061-490FB847CF8A}.tap
Wed Apr 23 13:12:32 2014 TAP-Windows Driver Version 9.9
Wed Apr 23 13:12:32 2014 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {C20D36A6-FD19-482F-A061-490FB847CF8A} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Wed Apr 23 13:12:32 2014 Successful ARP Flush on interface [2] {C20D36A6-FD19-482F-A061-490FB847CF8A}
Wed Apr 23 13:12:37 2014 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Wed Apr 23 13:12:37 2014 MANAGEMENT: >STATE:1398251557,ADD_ROUTES,,,
Wed Apr 23 13:12:37 2014 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Wed Apr 23 13:12:37 2014 Route addition via IPAPI succeeded [adaptive]
Wed Apr 23 13:12:37 2014 Initialization Sequence Completed

Wed Apr 23 13:12:37 2014 MANAGEMENT: >STATE:1398251557,CONNECTED,SUCCESS,10.8.0.6,78.46 .x.y


Who can help me out here ? Where can be the bottle neck ?