Hello,
I have changed my router from Asus ac66U to openwrt on an BananaPI. The BananaPi should be stronger then the Asus router but my openvpn tunnel is verry slow.
I get only half the speed of the openvpn tunnel on my asus router before.
Bevore I got 1MB/s, now I get 400kB/s.

Can you tell me what settings are responsible and important for slow/fast connections?

openvpn on openwrt (slow)

/config openvpn 'myvpn'
    option enabled '1'
    option proto 'udp'
    option dev 'tun'
    option verb '3'
    option port '1195'
    option server '10.8.3.0 255.255.255.0'
    option persist_tun '1'
    option keepalive '10 120'
    option fast_io 'on'
    option comp_lzo 'adaptive'
    list push 'comp_lzo adaptive'
    list push 'route 192.168.13.0 255.255.255.0'
    list push 'route 192.168.3.0 255.255.255.0'
    list push 'route 192.168.43.0 255.255.255.0'
    option ca '/etc/openvpn/ca.crt'
    option cert '/etc/openvpn/server.crt'
    option key '/etc/openvpn/server.key'
    option dh '/etc/openvpn/dh2048.pem'
    option tls_auth '/etc/openvpn/tlsauth.key 0'
    option ifconfig_pool_persist '/tmp/openvpn-ipp.txt'
    option cipher 'AES-256-CBC'
    option auth 'SHA512'
    option tls_cipher 'TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
    option client_config_dir '/etc/openvpn/ccd/'
    list route '192.168.3.0 255.255.255.0'
    list route '192.168.43.0 255.255.255.0'

old openvpn on Asus-AC66U (fast)

daemon
topology subnet
server 10.8.8.0 255.255.255.0
proto udp
port 1195
dev tun22
cipher AES-128-CBC
comp-lzo adaptive
keepalive 15 60
verb 3
push "route 192.168.1.0 255.255.255.0"
client-config-dir ccd
client-to-client
duplicate-cn
route 192.168.4.0 255.255.255.0
push "route 192.168.4.0 255.255.255.0"
route 192.168.3.0 255.255.255.0
push "route 192.168.3.0 255.255.255.0"
plugin /usr/lib/openvpn-plugin-auth-pam.so openvpn
client-cert-not-required
username-as-common-name
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status 10

the only difference is "cypher", but I was told that this setting will net change the connection performance.
And I have tsl_auth and tsl_cypher activated.

What option shall I change? MY connection could get 1.5MB/s. With Asus I got 1MB/s, with openwrt 300-400KB/s. Are there any other options I shall add?

What about "comp_lzo". I have read different settings about that option. What option should be best? Accouring to my asus router I set comp_lzo to "adaptiv".
Shall I add MTU settings? Do I have to add MTU at the client as well?