|
|
howard ho <hho@xxxxxxxxx> said: > Hi James, > > OpenVPN is such a great product. Easy to install and configure. I have > installed it on our corporate firewall to allow road-warriors to access the > corporate LAN and PBX systems (IP telephony). Some users noticed once the > link is established with the TLS server, the bandwidth of the data channel > is reduced substantially; as noticed when streaming audio fails to work. I > just wonder if you might some idea about where the problem might come from? > > I'm running OPENVPN TLS server on the firewall and the users are running > Windows2000 as TLS client. I can send you the .conf files if it helps. > > thank you > > Howard > Howard, The issues I'm aware of with regards to performance are: (1) The linux TAP driver has some performance issues. Not sure if you are using it. Using a TUN driver is almost always a better choice with regards to performance. The latest Windows client supports it now. If you are using windows file sharing or samba, you may need to reconfigure some things in order to get everything to work without broadcasts (TUN drivers don't pass broadcasts). (2) A lot of performance problems are caused by inefficient fragmentation which occur when packets which are already the max size for medium get expanded due to encryption and encapsulation overhead. A new option --mssfix is a good solution to this problem. Try adding "mssfix 1400" to your config on at least one side of the connection. (3) Sometimes windows file sharing may be slow, even when the tunnel itself is capable of supporting higher speeds. If you are noticing problems with windows file sharing performance, try an FTP transfer over the same tunnel and compare performance with windows file sharing. James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |