OpenVPN + DD-WRT (VPN) = Speed ???

February 7 Lars-Georg S. Paulsen 1 Comment

If you have tried OpenVPN with a DD-WRT device as client, you might have some speed issues.
I’ve now been running a OpenVPN configure based on SmoothWall+Zerina and DD-WRT (VPN) has client, (check Tutorial SmootWall+Zerina+DD-WRT ). The setup has been working as a charm, but when I now have started playing with NFS over VPN, I defiantly see some issue regarding speed.

Some basic info:

Server
OS: Smoothwall + Zerian OpenVPN Patch
Hardware: AMD 2800+, 1GB RAM.
Connection: 20Mbit

Client #1
OS: DD-WRT v24sp1 VPN
Hardware: Linksys WRT54GL
Connection: 17Mbit/3Mbit

Client #2
OS: OS X 10.5.6
Hardware: Intel 2×2.66Ghz, 6GB FB RAM.
Connection: 17Mbit/3Mbit

After playing with NFS over my old setup, I was on the edge of giving up. There was no way in h*** that I would get more then 3Mbit over the openVPN link. While reading up on openVPN and speed, I came over encryption methods. Check my setting on the smoothwall, I knew that I was running the fastest encryption method, so that was not the problem. But all encryption methods need hardware power to encrypt/decrypt. That’s when I knew I was on to something…..

Setting up some ftp session to the server using my old setup. Let it run for a while, and check load on DD-WRT powered router.

Firmware: DD-WRT v24-sp1 (07/27/08) vpn
Time: 21:44:26 up 6:41, load average: 1.83, 1.59, 1.10

The DD-WRT router was heaving overloaded, and the best speed I could get out of the connection was about 3Mbit. (From server to Client). I also check the Smoothwall as well, and there was no load at all, so the issue had to be related to the DD-WRT device.

aesir-openvpn
fig. 1

Moving from Client #1 to Client #2 (see figure above – Green line is the OpenVPN link), the speed increased dramatically. I now had a MacPro with loads of horsepower to do the decryptions, and I now maxed out the bandwidth on the client side. (not really, got about 14Mbit but that’s about what I get out of this line.)

Conclusion:

By moving the client from DD-WRT to the “real” client,
I managed to get an increase in speed with over 400%.

If you do not need the move large file over the openVPN link, the DD-WRT as a client is a good solution. This is special good if you have many clients. Since you only need to manage one device (both on server side and client side). BUT if you need to move a bit date (e.g. backup), you better of with setting up client on every machine that needs access to the VPN…..

One Comment to

  • flour storage containers19/06/2013

    Appreciating the dedication you put into your website and detailed information you provide.

    It’s awesome to come across a blog every once in a while that isn’t the same unwanted rehashed
    material. Great read! I’ve bookmarked your site and I’m
    adding your RSS feeds to my Google account.

    • Leave a Comments