PIVPN slowed speed
darrenmurphy7 opened this issue · 10 comments
In raising this issue, I confirm the following:
{please fill the checkboxes, e.g: [X]}
- I have read the documentation
- [] Is it a feature request? please consider opening a [Discussion] (https://github.com/pivpn/pivpn/discussions/new?category=feature-requests)
- [] Is this a support request? please consider copying the content of this document and using it to open a Discussion
- I have read and understood the PiVPN General Guidelines
- [] The issue I am reporting can be replicated.
- The issue I am reporting is directly related to the pivpn installer script.
- [] The issue I am reporting isn't a duplicate (see FAQs, closed issues, and open issues).
Has your install failed?
no
Describe the issue
All installs are successful for Debian Raspian 64bit, PIVPN & OPENVPN. I can successfully connect to the PIVPN but internet speed tests for PIVPN are about 50% less than No VPN or with OPENVPN cloud.
Expected behavior
A clear and concise description of what you expected to happen.
I expected PIVPN to return the same internet speeds as OPENVPN cloud but they are 50% less on multiple tests.
Screenshots
If applicable, add screenshots to help explain your problem.
Can you replicate the issue? Describe the steps below
Steps to reproduce the behavior:
- Go to '...'
- Click on '....'
- Scroll down to '....'
- See error
Have you searched for similar issues and solutions?
(yes/no / which issues?)
Yes but there did not appear to be any clear answer for this issue.
Additional context
Add any other context about the problem here.
Have you taken any steps towards solving your issue?
Yes
which?
I have found other suggestions from outside regarding the MTU speed. So I have tried the following, also without an increase in speed.
I have established my MTU speed with ping -M do -s 1470 -c 1 www.bing.com.au
I have added my OPENVPN user.ovpn file... mssfix 1430 (Being 1470-40) as recommened by the website that suggested this.
Please provide your system information
What type of hardware are you running PiVPN at?
Raspberrypi (specify the model) Raspberry Pi4 8GB
Ordroid
OrangePi
bananaPi
Virtual machine
Output of uname -a
Linux raspberrypi 5.15.84-v8+ #1613 SMP PREEMPT Thu Jan 5 12:03:08 GMT 2023 aarch64 GNU/Linux
OUTPUT HERE / ANSWER HERE
DO NOT DELETE THE BACK-TICKS
PASTE THE OUTPUT INSIDE THE BACK-TICKS
Output of cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
OUTPUT HERE / ANSWER HERE
DO NOT DELETE THE BACK-TICKS
PASTE THE OUTPUT INSIDE THE BACK-TICKS
If install failed Please provide the console output of curl -L https://install.pivpn.io | bash
Did not fail
OUTPUT HERE / ANSWER HERE
DO NOT DELETE THE BACK-TICKS
PASTE THE OUTPUT INSIDE THE BACK-TICKS
Console output of curl -L install.pivpn.io | bash
Successfully installed
OUTPUT HERE
DO NOT DELETE THE BACK-TICKS
PASTE THE OUTPUT INSIDE THE BACK-TICKS
Console output of pivpn add or pivpn add nopass
User successfully added
OUTPUT HERE
DO NOT DELETE THE BACK-TICKS
PASTE THE OUTPUT INSIDE THE BACK-TICKS
Console output of pivpn debug
::: Generating Debug Output
:::: PiVPN debug ::::
=============================================
:::: Latest commit ::::
Branch: master
Commit: f7f81e1bf47b5f4564b6ded7a516da5fd3c2f63c
Author: 4s3ti
Date: Mon Nov 28 23:32:17 2022 +0100
Summary: fix(scripts): uninstall default option
=============================================
:::: Installation settings ::::
PLAT=Debian
OSCN=bullseye
USING_UFW=1
pivpnforceipv6route=1
IPv4dev=wlan0
dhcpReserv=1
IPv4addr=192.168.1.100/24
IPv4gw=192.168.1.1
install_user=pia
install_home=/home/pia
VPN=openvpn
pivpnPROTO=udp
pivpnPORT=1194
pivpnDNS1=10.175.9.1
pivpnDNS2=
pivpnSEARCHDOMAIN=
pivpnHOST=REDACTED
TWO_POINT_FOUR=1
pivpnENCRYPT=256
USE_PREDEFINED_DH_PARAM=
pivpnDEV=tun0
pivpnNET=10.175.9.0
subnetClass=24
pivpnenableipv6=0
ALLOWED_IPS=""
UNATTUPG=1
INSTALLED_PACKAGES=(grepcidr bsdmainutils openvpn unattended-upgrades)
HELP_SHOWN=1
=============================================
:::: Server configuration shown below ::::
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/raspberrypi_e8d27b2c-2c12-42ea-8fca-85fc54b490f2.crt
key /etc/openvpn/easy-rsa/pki/private/raspberrypi_e8d27b2c-2c12-42ea-8fca-85fc54b490f2.key
dh none
ecdh-curve prime256v1
topology subnet
server 10.175.9.0 255.255.255.0
# Set your primary domain name server address for clients
push "dhcp-option DNS 10.175.9.1"
push "block-outside-dns"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
client-config-dir /etc/openvpn/ccd
keepalive 15 120
remote-cert-tls client
tls-version-min 1.2
tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
cipher AES-256-CBC
auth SHA256
user openvpn
group openvpn
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 3
#DuplicateCNs allow access control on a less-granular, per user basis.
#Remove # if you will manage access by user instead of device.
#duplicate-cn
# Generated for use by PiVPN.io
=============================================
:::: Client template file shown below ::::
client
dev tun
proto udp
remote REDACTED 1194
resolv-retry infinite
nobind
remote-cert-tls server
tls-version-min 1.2
verify-x509-name raspberrypi_e8d27b2c-2c12-42ea-8fca-85fc54b490f2 name
cipher AES-256-CBC
auth SHA256
auth-nocache
verb 3
=============================================
:::: Recursive list of files in ::::
::: /etc/openvpn/easy-rsa/pki shows below :::
/etc/openvpn/easy-rsa/pki/:
ca.crt
crl.pem
Default.txt
dmpivpn.ovpn
index.txt
index.txt.attr
index.txt.attr.old
index.txt.old
issued
openssl-easyrsa.cnf
private
revoked
safessl-easyrsa.cnf
serial
serial.old
ta.key
vars
vars.example
/etc/openvpn/easy-rsa/pki/issued:
dmpivpn.crt
raspberrypi_e8d27b2c-2c12-42ea-8fca-85fc54b490f2.crt
/etc/openvpn/easy-rsa/pki/private:
ca.key
dmpivpn.key
raspberrypi_e8d27b2c-2c12-42ea-8fca-85fc54b490f2.key
/etc/openvpn/easy-rsa/pki/revoked:
private_by_serial
reqs_by_serial
/etc/openvpn/easy-rsa/pki/revoked/private_by_serial:
/etc/openvpn/easy-rsa/pki/revoked/reqs_by_serial:
=============================================
:::: Self check ::::
:: [OK] IP forwarding is enabled
:: [OK] Ufw is enabled
:: [OK] Iptables MASQUERADE rule set
:: [OK] Ufw input rule set
:: [OK] Ufw forwarding rule set
:: [OK] OpenVPN is running
:: [OK] OpenVPN is enabled
(it will automatically start on reboot)
:: [OK] OpenVPN is listening on port 1194/udp
=============================================
:::: Having trouble connecting? Take a look at the FAQ:
:::: https://docs.pivpn.io/faq
=============================================
:::: Snippet of the server log ::::
Feb 8 08:26:49 raspberrypi ovpn-server[743]: TLS Error: tls-crypt unwrapping failed from [AF_INET]REDACTED:45306
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 TLS: soft reset sec=3349/3349 bytes=630101803/-1 pkts=613919/0
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 VERIFY OK: depth=1, CN=Easy-RSA CA
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 VERIFY KU OK
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 Validating certificate extended key usage
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 ++ Certificate has EKU (str) TLS Web Client Authentication, expects TLS Web Client Authentication
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 VERIFY EKU OK
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 VERIFY OK: depth=0, CN=dmpivpn
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 peer info: IV_VER=3.6.7
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 peer info: IV_PLAT=mac
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 peer info: IV_NCP=2
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 peer info: IV_TCPNL=1
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 peer info: IV_PROTO=30
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 peer info: IV_AUTO_SESS=1
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 peer info: IV_GUI_VER=OCmacOS_3.4.1-4522
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 peer info: IV_SSO=webauth,openurl,crtext
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Feb 8 08:30:24 raspberrypi ovpn-server[743]: dmpivpn/192.168.1.1:57583 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 256 bit EC, curve: prime256v1
=============================================
:::: Debug complete ::::
:::
::: Debug output completed above.
::: Copy saved to /tmp/debug.log
:::
OUTPUT HERE
DO NOT DELETE THE BACK-TICKS
PASTE THE OUTPUT INSIDE THE BACK-TICKS
What's your home connection speed, as well as connection speed from when you are connecting with and without VPN?
No VPN 102mb/s download & 19mb/s upload
With OPENVPN Cloud 102mb/s download & 19mb/s upload
With Raspberry Pi VPN 48.83mb/s download & 18.44mb/s upload
No VPN 102mb/s download & 19mb/s upload
Is this your home connection?
No VPN 102mb/s download & 19mb/s upload
Is this your home connection?
Yes this is my home connection.
Then you can get at most 19 mb/s down and 19 mb/s up while on VPN.
You state that I cannot get more than 19mb/s up & down but I am already getting 48mb/s download & 19mb/s upload on Raspberryipi OPENVPN, so your statement is very confusing?
Can you explain why Raspberrypi OPENVPN gives 50% Less download than OPENVPN CLOUD?
With NO VPN & OPENVPN Cloud I get 102mb/s download & 19mb/s upload, why should I expect less on Raspberrypi OPENVPN?
Well because when you are connecting from the outside your Raspberry Pi has to upload everything you download on the VPN client device. I’m not familiar with OpenVPN cloud but maybe they host high bandwidth servers for you.
OPENVPN is a well known open source VPN but if you have not heard about it then you probably cannot answer my question.
Thank you
OPENVPN is a well known open source VPN but if you have not heard about it then you probably cannot answer my question.
Thank you
I would recommend you to look at the person with most commits n this project.
OpenVPN and OpenVPN Cloud are distinct things. I am not familiar with openvpn cloud either but a quick look at it ... I suspect that it is not using your Raspberry PI as VPN server. 🤔
@darrenmurphy7 If you want to compare products from OpenVPN then there are plenty of good ways to do that.
This issue on PiVPN is not a good way to do that.