Sign in with
Sign up | Sign in
Your question

OpenVPN Bridging Degrades LAN Transfer Speed

Last response: in Networking
Share
November 2, 2012 7:33:29 PM

I posted this over on the OpenVPN forums, but thought I might also have some luck asking the Tom's community.

First off, I want to say that I am new to networking and VPNs, but I have really enjoyed setting up my own OVPN server and learning along the way. So if I've missed something obvious please keep this in mind.

The impetus for my investigation in OVPN came from my desire to route my internet traffic through my home network while being at school and to have access to my home networked printer and NAS. I decided to go with a bridged OVPN setup on my NAS. I successfully bridged my NAS LAN adapter with the OVPN TAP driver, deployed the server on my NAS, and have had great success accessing my NAS, printer, and LAN remotely. Note that I use Windows 7 on all of my devices.

Everything works well and I can just about max out my home ISP download/upload speed when transferring files over the VPN.

However, I noticed that after deploying the OVPN server my local transfer speeds over my LAN to my NAS are greatly reduced. After several days of trouble shooting I have narrowed the problem to the bridging of the OVPN TAP Device with my NAS LAN adapter.

LAN Transfer over gigabit connection to NAS (6GB file)

In Bridge Connection: ~26MB/s
No Bridge Connection: ~85MB/s

I can't for the life of me figure out why putting the LAN device into a bridged connection with the TAP device would degrade local transfer speeds. In the properties tab the bridge (MAC Miniport) identifies as having a 1Gbps connection.

Anyone have any idea what may be going on here?

For reference I have included my server and client configuration files (although I don't think the VPN server configuration outside of the bridged connection is the issue).

Server Configuration
port 1194
proto udp
dev tap
ca ca.crt
cert server1.crt
key server1.key
dh dh2048.pem
server-bridge
client-to-client
keepalive 10 120
cipher BF-CBC
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

Client Configuration
client
redirect-gateway def1
dev tap
proto udp
remote xxx.dyndns.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
cipher BF-CBC
comp-lzo
verb 3
!