Answer the question
In order to leave comments, you need to log in
OpenVPN how to fix latency?
There is a configured vpn server, I used it for several months, everything was fine, but after it stood for about a week without action, lags appeared. That is, it connects normally, even loads, but before starting to load the site, it thinks for 10-15 seconds and the speed is about 2mb, although before 20 was
Client code:
client
dev tun
proto udp
remote АДРЕС_СЕРВЕРА 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
verb 3
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
log-append openvpn.log
verb 3
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
Sat Nov 21 21:54:20 2015 OpenVPN 2.3.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 4 2015
Sat Nov 21 21:54:20 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Sat Nov 21 21:54:20 2015 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat Nov 21 21:54:20 2015 Need hold release from management interface, waiting...
Sat Nov 21 21:54:20 2015 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat Nov 21 21:54:20 2015 MANAGEMENT: CMD 'state on'
Sat Nov 21 21:54:20 2015 MANAGEMENT: CMD 'log all on'
Sat Nov 21 21:54:20 2015 MANAGEMENT: CMD 'hold off'
Sat Nov 21 21:54:20 2015 MANAGEMENT: CMD 'hold release'
Sat Nov 21 21:54:24 2015 MANAGEMENT: CMD 'password [...]'
Sat Nov 21 21:54:24 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Nov 21 21:54:24 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Nov 21 21:54:24 2015 UDPv4 link local: [undef]
Sat Nov 21 21:54:24 2015 UDPv4 link remote: [AF_INET]92.63.107.243:1194
Sat Nov 21 21:54:24 2015 MANAGEMENT: >STATE:1448132064,WAIT,,,
Sat Nov 21 21:54:24 2015 MANAGEMENT: >STATE:1448132064,AUTH,,,
Sat Nov 21 21:54:24 2015 TLS: Initial packet from [AF_INET]АДРЕС_СЕРВЕРА:1194, sid=90335cfa 2a12bcc9
Sat Nov 21 21:54:25 2015 VERIFY OK: depth=1, CN=Easy-RSA CA
Sat Nov 21 21:54:25 2015 Validating certificate key usage
Sat Nov 21 21:54:25 2015 ++ Certificate has key usage 00a0, expects 00a0
Sat Nov 21 21:54:25 2015 VERIFY KU OK
Sat Nov 21 21:54:25 2015 Validating certificate extended key usage
Sat Nov 21 21:54:25 2015 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat Nov 21 21:54:25 2015 VERIFY EKU OK
Sat Nov 21 21:54:25 2015 VERIFY OK: depth=0, CN=server
Sat Nov 21 21:54:25 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 21 21:54:25 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 21 21:54:25 2015 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 21 21:54:25 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 21 21:54:25 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Nov 21 21:54:25 2015 [server] Peer Connection Initiated with [AF_INET]АДРЕС_СЕРВЕРА:1194
Sat Nov 21 21:54:26 2015 MANAGEMENT: >STATE:1448132066,GET_CONFIG,,,
Sat Nov 21 21:54:27 2015 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sat Nov 21 21:54:27 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sat Nov 21 21:54:27 2015 OPTIONS IMPORT: timers and/or timeouts modified
Sat Nov 21 21:54:27 2015 OPTIONS IMPORT: --ifconfig/up options modified
Sat Nov 21 21:54:27 2015 OPTIONS IMPORT: route options modified
Sat Nov 21 21:54:27 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Nov 21 21:54:27 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Nov 21 21:54:27 2015 MANAGEMENT: >STATE:1448132067,ASSIGN_IP,,10.8.0.6,
Sat Nov 21 21:54:27 2015 open_tun, tt->ipv6=0
Sat Nov 21 21:54:27 2015 TAP-WIN32 device [Подключение по локальной сети 2] opened: \\.\Global\{48A76E5F-3340-4B4F-ABB7-41F3B4EC0042}.tap
Sat Nov 21 21:54:27 2015 TAP-Windows Driver Version 9.21
Sat Nov 21 21:54:27 2015 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {48A76E5F-3340-4B4F-ABB7-41F3B4EC0042} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Sat Nov 21 21:54:27 2015 Successful ARP Flush on interface [33] {48A76E5F-3340-4B4F-ABB7-41F3B4EC0042}
Sat Nov 21 21:54:29 2015 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Sat Nov 21 21:54:29 2015 C:\Windows\system32\route.exe ADD АДРЕС_СЕРВЕРА MASK 255.255.255.255 192.168.0.1
Sat Nov 21 21:54:29 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Nov 21 21:54:29 2015 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Sat Nov 21 21:54:29 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Nov 21 21:54:29 2015 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Sat Nov 21 21:54:29 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Nov 21 21:54:29 2015 MANAGEMENT: >STATE:1448132069,ADD_ROUTES,,,
Sat Nov 21 21:54:29 2015 C:\Windows\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Sat Nov 21 21:54:29 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Nov 21 21:54:29 2015 Initialization Sequence Completed
Sat Nov 21 21:54:29 2015 MANAGEMENT: >STATE:1448132069,CONNECTED,SUCCESS,10.8.0.6,92.63.107.243
Sat Nov 21 21:54:34 2015 MULTI: multi_create_instance called
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 Re-using SSL/TLS context
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 Local Options hash (VER=V4): '239669a8'
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 Expected Remote Options hash (VER=V4): '3514370b'
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 TLS: Initial packet from [AF_INET]АДРЕС_КЛИЕНТА:3458, sid=41f83433 c18b7549
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 VERIFY OK: depth=1, /CN=Easy-RSA_CA
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 VERIFY OK: depth=0, /CN=client1
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 21 21:54:34 2015 АДРЕС_КЛИЕНТА:3458 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 21 21:54:35 2015 АДРЕС_КЛИЕНТА:3458 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Nov 21 21:54:35 2015 АДРЕС_КЛИЕНТА:3458 [client1] Peer Connection Initiated with [AF_INET]АДРЕС_КЛИЕНТА:3458
Sat Nov 21 21:54:35 2015 MULTI: new connection by client 'client1' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Sat Nov 21 21:54:35 2015 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=50a5:9d3:2a7f:0:f2b7:6dd2:2a7f:0
Sat Nov 21 21:54:35 2015 MULTI: Learn: 10.8.0.6 -> client1/АДРЕС_КЛИЕНТА:3458
Sat Nov 21 21:54:35 2015 MULTI: primary virtual IP for client1/АДРЕС_КЛИЕНТА:3458: 10.8.0.6
Sat Nov 21 21:54:36 2015 client1/АДРЕС_КЛИЕНТА:3458 PUSH: Received control message: 'PUSH_REQUEST'
Sat Nov 21 21:54:36 2015 client1/АДРЕС_КЛИЕНТА:3458 send_push_reply(): safe_cap=960
Sat Nov 21 21:54:36 2015 client1/АДРЕС_КЛИЕНТА:3458 SENT CONTROL [client1]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Answer the question
In order to leave comments, you need to log in
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question