1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

OpenVPN Speed/Performance

Discussion in 'Tomato Firmware' started by free2share, Apr 6, 2010.

  1. free2share

    free2share Networkin' Nut Member

    I wanted to know what other have experienced for thier file transfer speed when connected to OpenVPN. I'm using a WRT54G-TM as a server connected at 20/3Mb. I have a XP client connected at 10Mb. The WRT54G-TM is able to get 1MB directly, but once it's in the OpenVPN, it seems to be capped at 400KB/s. Is this a limitation of the router or the settings in OpenVPN server?

    WRT54G-TM (OpenVPN Server)----20/3Mb<---ISP<---10/10Mb---XP Client

    WRT54G-TM: 300-400KB/s** tomatovpn-1.27vpn3.6
    WRT54G-TM: 200-300KB/s** tomato-1.27-ND-9044MIPSR1-beta07-vpn3.6

    **Test during normal usage and thus the performance varies.

    What router, firmware, and speed are you getting over your VPN?
     
  2. mstombs

    mstombs Network Guru Member

    I suspect its the CPU in the router, have you tried overclocking to see if 250MHz gets higher throughput?

    Interesting the Linux 2.6 much lower throughput - I've also seen that reported with OpenWRT
     
  3. free2share

    free2share Networkin' Nut Member

    This is what my results. It seem to help a little bit, but no where near 1MB/s

    - WRT54G-TM @ 200MHz: 340-360KB/s** tomato-K26-1.27.9045MIPSR1-beta10-vpn3.6
    - WRT54G-TM @ 250MHz: 380-400KB/s** tomato-K26-1.27.9045MIPSR1-beta10-vpn3.6

    ** Tested during minimal network usage
     
  4. rhester72

    rhester72 Network Guru Member

    mstombs is corrent - you are constrained by the CPU speed of your router. Asus RT-N16 is king of the hill in that department at this time, but the best throughput of all will be achieved by hosting your VPN client and server on dedicated machines behind the router rather than on the router itself.

    Rodney
     
  5. free2share

    free2share Networkin' Nut Member

    Thanks for your replies ..

    tomatovpn-1.27vpn3.6 when I was using SgtPepperKSU's version, I was able to get about 400KB/s without any kind of OC. Once I upgraded to the other teddy_bear's firmware, I noticed that I dropped about 100KB/s. teddy_bear 's firmware has SgtPepperKSU's VPN incorporated into the current firmware.

    I wanted to see what other people's real world experience is with the OpenVPN server on their router. Do you know what the VPN thoughput cap will be on a RT-N16?
     
  6. lanmtl

    lanmtl Addicted to LI Member

    I tried OpenVPN on my WRT54G with stock frequencies but I had to drop it altogether... It was much too slow and this is definitely a CPU issue. Check your CPU loads with the uptime command via ssh before and just after an stress OpenVPN session. Mine were at the max hence the slow throughput
     
  7. free2share

    free2share Networkin' Nut Member

    My CPU load: 1.06 / 0.65 / 0.29

    I setup local connections and bypassed the ISP. The test is ran on the single router with different firmware at stock speed and OC at 250MHz.

    (Computer) -- WAN -- WRT54G-TM -- LAN -- (NAS)

    WRT54G-TM (tomatovpn-ND-1.27vpn3.6, SgtPepperKSU)
    @ 200MHz - 485-515KB/s
    @ 250MHz - 600-630KB/s

    WRT54G-TM (tomato-K26-1.27.9045MIPSR1-beta10-vpn3.6, teddy_bear)
    @ 200MHz - 340-360KB/s
    @ 250MHz - 380-410KB/s

    I would hope that the newer fork of the firmware would keep the same or improved performance, but what I am seeing is decrease in performance.​
     
  8. humba

    humba Network Guru Member

    Actually.. I had two WRT54GLs in a Gigabit network and did some throughput tests, and checked the CPU load during the tests, and the load was somewhere in the range of 0.5.. (with speeds up to 600KB/s for FTP transfers) so that's half the available processor power. Therefore, it cannot be CPU constrained (unless the GUI reporting is incorrect.. I don't think I checked with top on a console)
    I've been meaning to terminate the tunnel on a server to see the theoretical limit, but given those experiments, the router should be able to deliver much higher troughput despite the slow CPU.
     
  9. free2share

    free2share Networkin' Nut Member

    humba, the number I got were passing through VPN. I didn't try doing a straight copy. I will try that tonight and report back.
     
  10. humba

    humba Network Guru Member

    My experiment was through a tunnel, too. I ran an FTP server in my lab, put a WRT54GL with VPN Tomato in the same subnet, connected using OpenVPN from my box in the productive lab, and downloaded something from the lab FTP. I found it pretty weird that the connection maxed out speed wise (doing a copy without VPN delivers maybe 50MB/s and that's I/O constrained) when the router CPU wasn't maxed out..
     
  11. lanmtl

    lanmtl Addicted to LI Member

    I guess it depends on the number of connections and also the encryption of the VPN.
    My tests were with an OpenVPN 2048bits over the internet. I made sure the connection had no load and tested with and without the VPN. Without I maxed it at 4.3mbps but with I was around 300—400ko/s if I remember correctly. I tried several servers located on different routes to make sure it wasn't a route issue.
    Then I checked the CPU load and it was constantly around 1.00 that's why I concluded this was a CPU power issue rather than anything else.
    Connecting the distant VPN server on a computer inside the network and passing through the WRT54G gets much higher speeds (3+ mbps).
    I was only downloading off 5 usenet connections on all the tests and benchmarking with both pingtest.com and speedtest.com
     
  12. mstombs

    mstombs Network Guru Member

    Thanks - as the -TM doesn't have usb ports and the K26 version flashes the power led - TM users should stick with the K24 version.

    Is there a teddy_bear k24 (with latest 2.4.37 kernel) and vpn that could also be tested?
     
  13. badran

    badran Networkin' Nut Member

    Using two WRT54GL's to connect to remote locations server/client OPENvpn using SgtPepper's 1.25 and 1.27 firmware. The issue is CPU related. Those the limits of a 200 MHZ mips proc.

    For better throughput, will be moving to dedicated boxes behind the routers.
     

Share This Page