psikey 1 Posted ... After updating my firmware I finally managed to get OpenVPN working in the router but even the Router CPU shows only average of 25% load I'm only getting max of 10Mbps compared to using the Windows Client on a PC where it can reach over 4MBps (have a 40/10 connection). This is using my nearest UK server. Does my log file look normal with all the disconnect messages. Also, do you have to use the AirVPN DNS because I use OpenDNS for traffic filtering? Serverlog Clientlog 20121013 16:23:36 I OpenVPN 2.2.1 mips-linux [sSL] [LZO2] built on Jul 20 2012 20121013 16:23:36 MANAGEMENT: TCP Socket listening on 127.0.0.1:5001 20121013 16:23:36 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20121013 16:23:36 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible 20121013 16:23:36 I LZO compression initialized 20121013 16:23:36 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ] 20121013 16:23:36 Socket Buffers: R=[87380->131072] S=[16384->131072] 20121013 16:23:36 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ] 20121013 16:23:36 Local Options String: 'V4 dev-type tun link-mtu 1560 tun-mtu 1500 proto TCPv4_CLIENT comp-lzo cipher AES-256-CBC auth SHA1 keysize 256 key-method 2 tls-client' 20121013 16:23:36 Expected Remote Options String: 'V4 dev-type tun link-mtu 1560 tun-mtu 1500 proto TCPv4_SERVER comp-lzo cipher AES-256-CBC auth SHA1 keysize 256 key-method 2 tls-server' 20121013 16:23:36 Local Options hash (VER=V4): '958c5492' 20121013 16:23:36 Expected Remote Options hash (VER=V4): '79ef4284' 20121013 16:23:36 I Attempting to establish TCP connection with 31.193.12.74:443 [nonblock] 20121013 16:23:37 I TCP connection established with 31.193.12.74:443 20121013 16:23:37 I TCPv4_CLIENT link local: [undef] 20121013 16:23:37 I TCPv4_CLIENT link remote: 31.193.12.74:443 20121013 16:23:37 TLS: Initial packet from 31.193.12.74:443 sid=7eb3da51 c47868dd 20121013 16:23:38 VERIFY OK: depth=1 /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org 20121013 16:23:38 VERIFY OK: nsCertType=SERVER 20121013 16:23:38 VERIFY OK: depth=0 /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org 20121013 16:23:40 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key 20121013 16:23:40 NOTE: --mute triggered... 20121013 16:23:40 4 variation(s) on previous 5 message(s) suppressed by --mute 20121013 16:23:40 I [server] Peer Connection Initiated with 31.193.12.74:443 20121013 16:23:42 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) 20121013 16:23:42 PUSH: Received control message: 'PUSH_REPLY redirect-gateway def1 dhcp-option DNS 10.5.0.1 comp-lzo no route 10.5.0.1 topology net30 ping 10 ping-restart 60 ifconfig 10.5.1.42 10.5.1.41' 20121013 16:23:42 OPTIONS IMPORT: timers and/or timeouts modified 20121013 16:23:42 OPTIONS IMPORT: LZO parms modified 20121013 16:23:42 OPTIONS IMPORT: --ifconfig/up options modified 20121013 16:23:42 NOTE: --mute triggered... 20121013 16:23:42 2 variation(s) on previous 5 message(s) suppressed by --mute 20121013 16:23:42 I TUN/TAP device tun1 opened 20121013 16:23:42 TUN/TAP TX queue length set to 100 20121013 16:23:42 I /sbin/ifconfig tun1 10.5.1.42 pointopoint 10.5.1.41 mtu 1500 20121013 16:23:42 /sbin/route add -net 31.193.12.74 netmask 255.255.255.255 gw 81.23.59.242 20121013 16:23:42 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.5.1.41 20121013 16:23:42 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.5.1.41 20121013 16:23:42 /sbin/route add -net 10.5.0.1 netmask 255.255.255.255 gw 10.5.1.41 20121013 16:23:43 I Initialization Sequence Completed 20121013 16:24:57 MANAGEMENT: Client connected from 127.0.0.1:5001 20121013 16:24:57 D MANAGEMENT: CMD 'state' 20121013 16:24:57 MANAGEMENT: Client disconnected 20121013 16:24:57 MANAGEMENT: Client connected from 127.0.0.1:5001 20121013 16:24:57 D MANAGEMENT: CMD 'state' 20121013 16:24:57 MANAGEMENT: Client disconnected 20121013 16:24:57 MANAGEMENT: Client connected from 127.0.0.1:5001 20121013 16:24:57 D MANAGEMENT: CMD 'state' 20121013 16:24:57 MANAGEMENT: Client disconnected 20121013 16:24:57 MANAGEMENT: Client connected from 127.0.0.1:5001 20121013 16:24:57 D MANAGEMENT: CMD 'log 500' 19700101 00:00:00 Quote Share this post Link to post
Staff 9772 Posted ... After updating my firmware I finally managed to get OpenVPN working in the router but even the Router CPU shows only average of 25% load I'm only getting max of 10Mbps compared to using the Windows Client on a PC where it can reach over 4MBps (have a 40/10 connection). This is using my nearest UK server.Hello!It appears correct, your router can't probably handle more than 10 Mbit/s throughput. As you can see from your Windows connection (32 Mbit/s) the "bottleneck" is not on our side or your ISP side, but on the router.Does my log file look normal with all the disconnect messages.You should check whether you have a stable VPN connection. If you have it, you can safely ignore the final part of those logs.Also, do you have to use the AirVPN DNS because I use OpenDNS for traffic filtering?You can use the DNS servers you prefer, however for optimal privacy protection you should either tunnel your DNS queries or use the Air DNS server.Kind regards Quote Share this post Link to post
psikey 1 Posted ... Thanks for the quick reply, where does it show the router is the bottleneck? Model Netgear WNDR3700 Firmware VersionDD-WRT v24-sp2 (07/20/12) std - build 19519 It is currently showing a load of 70% hitting a download of 950 kB/s so obviously not going to get much higher Didn't realise the router had such a big impact! Any routers you recommend with enough power ?? Quote Share this post Link to post
psikey 1 Posted ... Where does it show the router is the limit? ModelNetgear WNDR3700 Firmware VersionDD-WRT v24-sp2 (07/20/12) std - build 19519 CPU ModelAtheros AR7161 rev 2 (0xaa) CPU Clock680 MHz Load Average %0.78, 0.41, 0.20 MemoryTotal Available 94% 61916 kB / 65536 kB Free 56% 34496 kB / 61916 kB Used 44% 27420 kB / 61916 kB Buffers 12% 3284 kB / 27420 kB Cached 38% 10404 kB / 27420 kB Active 30% 8360 kB / 27420 kB Inactive 30% 8292 kB / 27420 kB It is currently pulling 70% CPU with a 950kB/s download so not going to get much higher! Any router recommendation that will perform better? Quote Share this post Link to post
Staff 9772 Posted ... Where does it show the router is the limit?ModelNetgear WNDR3700 Firmware VersionDD-WRT v24-sp2 (07/20/12) std - build 19519 CPU ModelAtheros AR7161 rev 2 (0xaa) CPU Clock680 MHz Load Average %0.78, 0.41, 0.20 MemoryTotal Available 94% 61916 kB / 65536 kB Free 56% 34496 kB / 61916 kB Used 44% 27420 kB / 61916 kB Buffers 12% 3284 kB / 27420 kB Cached 38% 10404 kB / 27420 kB Active 30% 8360 kB / 27420 kB Inactive 30% 8292 kB / 27420 kBIt is currently pulling 70% CPU with a 950kB/s download so not going to get much higher! Any router recommendation that will perform better?Hello!AES-256-CBC encryption/decryption (the data channel cipher mode we picked for OpenVPN) of tens of Mbit/s throughput requires a CPU power which, while widely available on desktop and laptop computer since years, is still problematic for most routers CPUs. You can find more information on DD-WRT forums, most probably users and developers there will be able to give you some recommendations on high-end DD-WRT compatible routers with enough processing power to break the 8-10 Mbit/s limit. You might like to specify that the encryption method for the data channel in the OpenVPN servers you use is AES-256-CBC. The packet authentication (HMAC SHA-160bit) and the RSA auth keys (2048 bit) are not relevant for a CPU.Kind regards Quote Share this post Link to post
Not connected, Your IP: 18.220.126.5
Online: 23812 users - 293376 Mbit/s total BW