Openvpn [debit irégulier]

Bonjour tout le monde :slightly_smiling:

Je suis actuellement connecter sur mon VPN ( héberger chez ovh ), et je constate que le debit est irrégulier ( il passe de 1Mo/s a 0o/s ), sans le VPN je stagne dans les 250Ko/s.

Du coter du ping je passe de 70+ à 40.

Pour les jeux en ligne sa passe mais les client perdent la connection au bout d’un certain temps ( de 5 a 60min ).
=Le debit ne stop pas a 0o/s mais reste a 25/50Ko/s.

Pour le streaming et la navigation internet vue le debit je peut DL d’un coup a 1Mo/s ( sa change de mon debit habituel ^^, mais juste apres sa stop et bloque a 0o/s pour repartir a fond a 1Mo/s et sa constamment )

Voici ma config:

Server.conf:

[code]port 1194

proto udp

dev tun

ca ca.crt
cert vpn-tzu.crt
key vpn-tzu.key

dh dh1024.pem

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

duplicate-cn

keepalive 10 120

comp-lzo

persist-key
persist-tun

status openvpn-status.log

verb 5[/code]

Client.conf:

[code]
client

dev tun

proto udp

remote mon-ip 1194

resolv-retry infinite

nobind

persist-key
persist-tun

ca ca.crt
cert Serda.crt
key Serda.key

ns-cert-type server

comp-lzo

verb 3

route-method exe
route-delay 2[/code]

Log Serveur:

Mon Jun 3 20:41:38 2013 us=644180 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Mar 23 2012 Mon Jun 3 20:41:38 2013 us=644322 WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want Mon Jun 3 20:41:38 2013 us=644388 WARNING: --ifconfig-pool-persist will not work with --duplicate-cn Mon Jun 3 20:41:38 2013 us=644493 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Mon Jun 3 20:41:38 2013 us=645547 Diffie-Hellman initialized with 1024 bit key Mon Jun 3 20:41:38 2013 us=646140 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Mon Jun 3 20:41:38 2013 us=646217 Socket Buffers: R=[229376->131072] S=[229376->131072] Mon Jun 3 20:41:38 2013 us=646329 ROUTE default_gateway=10.0.2.2 Mon Jun 3 20:41:38 2013 us=646924 TUN/TAP device tun0 opened Mon Jun 3 20:41:38 2013 us=646993 TUN/TAP TX queue length set to 100 Mon Jun 3 20:41:38 2013 us=647033 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Mon Jun 3 20:41:38 2013 us=647080 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500 Mon Jun 3 20:41:38 2013 us=648968 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2 Mon Jun 3 20:41:38 2013 us=650309 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Mon Jun 3 20:41:38 2013 us=650347 UDPv4 link local (bound): [undef] Mon Jun 3 20:41:38 2013 us=650359 UDPv4 link remote: [undef] Mon Jun 3 20:41:38 2013 us=650376 MULTI: multi_init called, r=256 v=256 Mon Jun 3 20:41:38 2013 us=650411 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0 Mon Jun 3 20:41:38 2013 us=650439 IFCONFIG POOL LIST Mon Jun 3 20:41:38 2013 us=650462 Initialization Sequence Completed Mon Jun 3 20:42:06 2013 us=161786 MULTI: multi_create_instance called Mon Jun 3 20:42:06 2013 us=161897 10.0.2.2:34043 Re-using SSL/TLS context Mon Jun 3 20:42:06 2013 us=161952 10.0.2.2:34043 LZO compression initialized Mon Jun 3 20:42:06 2013 us=162230 10.0.2.2:34043 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Mon Jun 3 20:42:06 2013 us=162285 10.0.2.2:34043 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Mon Jun 3 20:42:06 2013 us=162367 10.0.2.2:34043 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server' Mon Jun 3 20:42:06 2013 us=162408 10.0.2.2:34043 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client' Mon Jun 3 20:42:06 2013 us=162455 10.0.2.2:34043 Local Options hash (VER=V4): '530fdded' Mon Jun 3 20:42:06 2013 us=162485 10.0.2.2:34043 Expected Remote Options hash (VER=V4): '41690919' RMon Jun 3 20:42:06 2013 us=162565 10.0.2.2:34043 TLS: Initial packet from [AF_INET]10.0.2.2:34043, sid=367c64f6 27efa40b Mon Jun 3 20:42:06 2013 us=589888 10.0.2.2:34043 VERIFY OK: depth=1, Mon Jun 3 20:42:06 2013 us=591083 10.0.2.2:34043 VERIFY OK: depth=0, Mon Jun 3 20:42:06 2013 us=760354 10.0.2.2:34043 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Jun 3 20:42:06 2013 us=760518 10.0.2.2:34043 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Jun 3 20:42:06 2013 us=760721 10.0.2.2:34043 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Jun 3 20:42:06 2013 us=760795 10.0.2.2:34043 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication WWWRRRMon Jun 3 20:42:06 2013 us=796675 10.0.2.2:34043 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Mon Jun 3 20:42:06 2013 us=796799 10.0.2.2:34043 [Serda] Peer Connection Initiated with [AF_INET]10.0.2.2:34043 Mon Jun 3 20:42:06 2013 us=797320 Serda/10.0.2.2:34043 OPTIONS IMPORT: reading client specific options from: ccd/Serda Mon Jun 3 20:42:06 2013 us=797517 Serda/10.0.2.2:34043 Options error: in --iroute 10.8.0.1 255.255.255.0 : Bad network/subnet specification Mon Jun 3 20:42:06 2013 us=798003 Serda/10.0.2.2:34043 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=80a0:7a12:ca7f:0:cdac:6210:ca7f:0 Mon Jun 3 20:42:06 2013 us=798464 Serda/10.0.2.2:34043 MULTI: Learn: 10.8.0.6 -> Serda/10.0.2.2:34043 Mon Jun 3 20:42:06 2013 us=798563 Serda/10.0.2.2:34043 MULTI: primary virtual IP for Serda/10.0.2.2:34043: 10.8.0.6 RMon Jun 3 20:42:08 2013 us=956530 Serda/10.0.2.2:34043 PUSH: Received control message: 'PUSH_REQUEST' Mon Jun 3 20:42:08 2013 us=956683 Serda/10.0.2.2:34043 send_push_reply(): safe_cap=960 Mon Jun 3 20:42:08 2013 us=956819 Serda/10.0.2.2:34043 SENT CONTROL [Serda]: 'PUSH_REPLY,redirect-gateway def1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)

Log Client:

Mon Jun 3 20:42:03 2013 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Mar 23 2012 Mon Jun 3 20:42:03 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Mon Jun 3 20:42:03 2013 LZO compression initialized Mon Jun 3 20:42:03 2013 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Mon Jun 3 20:42:03 2013 Socket Buffers: R=[229376->131072] S=[229376->131072] Mon Jun 3 20:42:03 2013 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Mon Jun 3 20:42:03 2013 Local Options hash (VER=V4): '41690919' Mon Jun 3 20:42:03 2013 Expected Remote Options hash (VER=V4): '530fdded' Mon Jun 3 20:42:03 2013 UDPv4 link local: [undef] Mon Jun 3 20:42:03 2013 UDPv4 link remote: [AF_INET]IP-SERVEUR:1194 Mon Jun 3 20:42:03 2013 TLS: Initial packet from [AF_INET]IP-SERVEUR:1194, sid=7fbe3fb1 8cac37a6 Mon Jun 3 20:42:03 2013 VERIFY OK: depth=1, Mon Jun 3 20:42:03 2013 VERIFY OK: nsCertType=SERVER Mon Jun 3 20:42:03 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Jun 3 20:42:03 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Jun 3 20:42:03 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Jun 3 20:42:03 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Jun 3 20:42:03 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Mon Jun 3 20:42:03 2013 [vpn-tzu] Peer Connection Initiated with [AF_INET]IP-SERVEUR:1194 Mon Jun 3 20:42:06 2013 SENT CONTROL [vpn-tzu]: 'PUSH_REQUEST' (status=1) Mon Jun 3 20:42:06 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' Mon Jun 3 20:42:06 2013 OPTIONS IMPORT: timers and/or timeouts modified Mon Jun 3 20:42:06 2013 OPTIONS IMPORT: --ifconfig/up options modified Mon Jun 3 20:42:06 2013 OPTIONS IMPORT: route options modified Mon Jun 3 20:42:06 2013 ROUTE default_gateway=192.168.1.1 Mon Jun 3 20:42:06 2013 TUN/TAP device tun0 opened Mon Jun 3 20:42:06 2013 TUN/TAP TX queue length set to 100 Mon Jun 3 20:42:06 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Mon Jun 3 20:42:06 2013 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 Mon Jun 3 20:42:06 2013 /sbin/route add -net IP-SERVEUR netmask 255.255.255.255 gw 192.168.1.1 Mon Jun 3 20:42:06 2013 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.0.5 Mon Jun 3 20:42:06 2013 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.0.5 Mon Jun 3 20:42:06 2013 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5 Mon Jun 3 20:42:06 2013 Initialization Sequence Completed

Les routes:

Table de routage IP du noyau Destination Passerelle Genmask Indic Metric Ref Use Iface 0.0.0.0 10.0.2.2 0.0.0.0 UG 0 0 0 eth0 10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0 10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0

Iptables:

[code]Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all – 10.8.0.0/24 0.0.0.0/0 [/code]

Donc tout fonctionnent a par le probleme de debit que je n’arrive pas a régler meme en cherchent sur le forum :s

p’tit up :slightly_smiling:

J’ai essayer de changer les port, l’udp en tcp mais rien y fait …