OpenVPN is a well-known VPN client for secure remote access or virtual private networking. If you use OpenVPN and experience a slow speed over its channel, you might be getting annoyed. This issue is very common for all OpenVPN users. While the general advice you can find on the Internet is to tweak the MTU (Maximum transmission unit) value and/or MSSFIX parameters, here is another trick you should try. It can help you significantly improve the bandwith. Here's what you should try.
Open your server.conf file (see the OpenVPN installation directory in Windows and /etc/openvpn in linux) and just add these two lines:
sndbuf 0 rcvbuf 0
This will prevent OpenVPN from tweaking the buffer size between the server and the client. It will be determined by the OS. Windows users who connect to a Linux server will experience faster speeds.
Now, add the same lines to your client configuration file (*.ovpn or *.conf). If for some reason this is not possible, e.g. your client computer is not accessible, put the following additional lines in your server.conf file:
sndbuf 0 rcvbuf 0 push "sndbuf 393216" push "rcvbuf 393216"
OpenVPN over UDP
If you are running OpenVPN over UDP, you might get a better experience by setting fixed buffer values. Try these lines:
sndbuf 393216 rcvbuf 393216 push "sndbuf 393216" push "rcvbuf 393216"
The causes of the slowdown
You might be wondering why and how these tweaks work? Let's refer to the history of OpenVPN. In the year 2004, OpenVPN had a problem with different buffer sizes on different platforms. To unify the data transfer channel, developers set the fixed buffers to 64Kb. However, this caused completely strange issues with the MTU for all adapters in Windows. To fix it, developers hardcoded these lines, which work for non-Windows based servers and clients:
#ifndef WIN32 o->rcvbuf = 65536; o->sndbuf = 65536; #endif
These lines are still presented in the OpenVPN source code, so that is why we are getting the slowdown! Additionally, you can try experimenting with MTU and MSSFIX parameters, if you know what you are doing.
Try with these lines in your config:
tun-mtu 1400 mssfix 1360
In the most common case, MTU on the physical interface is 1500, so it is better to set OpenVPN TUN MTU to a value lower than the real MTU, and MSSFIX to MTU-40, as in the example above.
I hope this article was helpful for you. Share your speed results if you saw a significant improvement (via habr).
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!