OpenWrt Forum Archive

Topic: Performance of openvpn server @ openwrt

The content of this topic has been archived on 1 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
serious
16 Mar 2006, 01:20

Hi,

I got a openvpn server for secure wifi communication and for lan access on the road. When i access the local network via the internet from remote places (like the university smile i got no speed problems. Ok hands up. On the road i only use imap and stuff.
But when i access the lan via the wireless network through the openvpn sever i got really bad performace compared to the avaliable bandwith of the wireless network. I allways have a very good radio connection with 56Mbps (i think that shoud be somthing around 30mbits due to the protocol overhead)
So my connection shoud be able to transfer data with around three to four mega-bytes/sec. To test this i tried various file transfer protocols (smb,nfs,ftp) to transfer data. Thease transferes are not at least 1MB/sec! So I cannot even play movies via nfs/smb shares without interruption.

I hope you guys got any sugestions on performance tuning. I allready thought of moving the openvpn server to my fileserver(dual celeron 500) but that would complicate the firewall extreemly i guess smile

-seri

Post #2
vincentfox
16 Mar 2006, 01:36

I would not expect BOOYA  performance  out of OpenVPN on the WRT platform. It's an itty-bitty CPU with no special encryption hardware.  Check command "top" while you are doing some of these transfers and you probably see it is maxed out.  I'll assume you use UDP already. You could drop encryption down to lower levels but that quickly defeats the purpose of using OpenVPN doesn't it?

Post #3
mpot
16 Mar 2006, 16:23

I've done some testing with OpenVPN on a WRT54GS running OpenWrt, and found that OpenVPN limits the throughput to approx 300kbytes/sec (ie, ~3Mbps).

Cheers,
Martin.

Post #4
tosuja
17 Mar 2006, 09:27

I don't use openvpn but vtun instead. AFAIK they use the same cipher and I have found that Broadcom CPU running at 200MHz is able to encrypt 4-5Mb/s of traffic. I suggest to use WPA and no tunneling (or unencrypted vtun at least) - Broadcom CPUs have hardwired TKIP/WEP/WPA2 encryption/decryption engine. Throughput using WPA2 (AES) is ~12Mbps, which means that it does barely slow it down - I never got above 15Mb/s on Linksys radio....

Post #5
loyukfai
10 Jul 2007, 19:27

Just wonder, if anybody has tested the OpenVPN performance on newer hardware, like those Draft-N routers...?

The discussion might have continued from here.