I wrestle to repair sluggish downloads on a machine performing as each reverse proxy and openvpn server, when the reverse proxy serves content material from a vpn consumer.
I’ve three machines (in numerous places, completely different networks) that I have been utilizing to attempt to clear up this difficulty:
- Server (Ubuntu 22)
- Shopper (Ubuntu 22)
- Laptop computer (Home windows 11)
The Server runs openVPN server v 2.6.13, and each Shopper and Laptop computer hook up with it.
The Server additionally runs a reverse proxy; accepting inbound connections and passing them to the VPN IP of Shopper. That is the place I noticed the issue initially; downloading information from the service on Shopper was performing actually dangerous.
Nevertheless; after digging round in reverse proxy settings for a bit with none enchancment I began utilizing iperf3 to exclude the reverse proxy as a supply of error.
I began an iperf3 server on Shopper, and ran assessments from Laptop computer and Server with the next command, to simulate Shopper sending information:
iperf3 -c [IP of Client] -R
that is the results of my take a look at between Server and Shopper:
Connecting to host [REDACTED], port 5201
Reverse mode, distant host [REDACTED] is sending
[ 5] native [REDACTED] port 42646 linked to [REDACTED] port 5201
[ ID] Interval Switch Bitrate
[ 5] 0.00-1.00 sec 454 KBytes 3.72 Mbits/sec
[ 5] 1.00-2.00 sec 163 KBytes 1.33 Mbits/sec
[ 5] 2.00-3.00 sec 308 KBytes 2.53 Mbits/sec
[ 5] 3.00-4.00 sec 416 KBytes 3.41 Mbits/sec
[ 5] 4.00-5.00 sec 404 KBytes 3.31 Mbits/sec
[ 5] 5.00-6.00 sec 235 KBytes 1.92 Mbits/sec
[ 5] 6.00-7.00 sec 184 KBytes 1.51 Mbits/sec
[ 5] 7.00-8.00 sec 540 KBytes 4.43 Mbits/sec
[ 5] 8.00-9.00 sec 94.7 KBytes 776 Kbits/sec
[ 5] 9.00-10.00 sec 475 KBytes 3.89 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Switch Bitrate Retr
[ 5] 0.00-10.04 sec 3.31 MBytes 2.76 Mbits/sec 309 sender
[ 5] 0.00-10.00 sec 3.20 MBytes 2.68 Mbits/sec receiver
And that is the end result between Laptop computer and Shopper:
Connecting to host [REDACTED], port 5201
Reverse mode, distant host [REDACTED] is sending
[ 5] native [REDACTED] port 37536 linked to [REDACTED] port 5201
[ ID] Interval Switch Bitrate
[ 5] 0.00-1.00 sec 6.54 MBytes 54.9 Mbits/sec
[ 5] 1.00-2.00 sec 7.95 MBytes 66.7 Mbits/sec
[ 5] 2.00-3.00 sec 9.06 MBytes 76.0 Mbits/sec
[ 5] 3.00-4.00 sec 7.83 MBytes 65.7 Mbits/sec
[ 5] 4.00-5.00 sec 7.03 MBytes 59.0 Mbits/sec
[ 5] 5.00-6.00 sec 3.69 MBytes 31.0 Mbits/sec
[ 5] 6.00-7.00 sec 5.05 MBytes 42.3 Mbits/sec
[ 5] 7.00-8.00 sec 6.37 MBytes 53.5 Mbits/sec
[ 5] 8.00-9.00 sec 5.89 MBytes 49.4 Mbits/sec
[ 5] 9.00-10.00 sec 6.62 MBytes 55.6 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Switch Bitrate Retr
[ 5] 0.00-9.27 sec 67.9 MBytes 61.5 Mbits/sec 586 sender
[ 5] 0.00-10.00 sec 66.0 MBytes 55.4 Mbits/sec receiver
Since each Laptop computer and Shopper join as VPN purchasers of Server, all communication between Laptop computer and Shopper move by means of Server, this has additionally been noticed by monitoring with iftop throughout a iperf3-test.
MTU is about at 1500 throughout all three machines, there’s negligeble cpu utilization improve throughout the take a look at runs.
I’ve tried setting sndbuf and rcvbuf to 0, having them at 512000, disabling NIC offloading (gro, tso, gso) on Server and Shopper however I observe no change for higher or worse updating these settings.
I can’t perceive why the bitrate is way decrease between Server and Shopper, in comparison with Laptop computer and Shopper (the place all information is distributed through Server)?
Any recommendation is appreciated, thanks upfront.