4

I've installed SoftEther VPN Server on Ubuntu 16.0.4.1

VPN clients: iPhone, Windows 8 and another Ubuntu Server

Network Traffic Speed Test Tool:

without VPN:

  • Download - 36.88 Mbps
  • Upload - 4.93 Mbps

with VPN (L2TP or SSTP or SoftEteher VPN client with Local Bridge or SecureNAT):

  • Download - 300.53 Kbps
  • Upload - 4.79 Mbps

from VPN server to another server without VPN (same LAN, 1Gbps):

  • Download - 0.95 Gbps
  • Upload - 0.92 Gbps

from another server to VPN server via VPN:

  • Download - 9.14 Mbps

  • Upload - 905.33 Mbps

  • Download -only - 88.18 Mbps

  • Upload -only - 0.91 Gbps

Why Download is very low ?

Degot
  • 69
  • 1
  • 5
  • For the server to server via VPN test, could you explain a bit more about how you are testing? I am wondering if part of this might not be disk IO, rather than network IO - where is your download file coming from? In general, using a VPN comes with some overhead to account for encryption and various control messages, but that overhead would not, I think, account for your issue. – iwaseatenbyagrue Mar 09 '17 at 09:02

3 Answers3

2

This is how I did it (ubuntu 18.04/20.04):

(1) Set up a bridge (br0) using netplan config and add the NIC interface only to the bridge (in /etc/netplan).

(2) Add tap_softether to the bridge in start up script (in /etc/init.d).

brctl addif br0 tap_softether # adding tap device after it's up.

(3) Results: Download on openvpn went up from 1 Mbps (on physical bridge) to 100 Mbps (on tap bridge).

David D
  • 21
  • 2
2

There was a problem with Local Bridge (eth0), so I changed it to Local Bridge(tap) + br0(tap + eth0) => issue is fixed

Degot
  • 69
  • 1
  • 5
  • Could you please provide any details on what exactly was wrong with using just "eth0" and what you did to improve your results? I think that I have the exact same issue, and it doesn't make sense to me *why* adding a random TAP bridge would fix anything. – Douglas Manley Apr 01 '17 at 20:00
  • Note on my experience: SoftEther creates its TAP device after it starts, so there's no way to set up the bridging of "eth0" *and* "tap_*" in advance. I ended up overriding my systemd unit to have an "ExecStartPost" step that runs a script to run "brctl add br0 tap_softether" when that TAP device exists. – Douglas Manley Apr 01 '17 at 22:16
  • I don't know what caused issue with just "eth0", but as you can see from my Q. network performance was VERY bad for download. That's why I played with TAP and found that it performs well. And yes, I did the same as you.. I have a script in "ExecStartPost" , which runs "brctl" – Degot Apr 02 '17 at 08:28
  • 1
    Could you provide more details about the solution? I created a tap device using SoftEther and I did try the `brctl addbr br0 tap_tapdevice` command but it doesn't do anything. In fact, if I do `brctl addif enp1s0` after that I lose my network connection completely. – dan May 26 '19 at 06:27
  • is the interface up? Thanks to "Douglas Manley", i added successfully the following to my systemd service file: `ExecStartPost brctl addbr br0` `ExecStartPost brctl addif enp1s0 tap_tapdevice` `ExecStartPost ip link set dev br0 up` – fbett Jun 18 '20 at 07:41
  • Worked like a charm. – Carlos Paulino Nov 25 '20 at 05:41
0

Had a similar issue. Hopefully my experience helps someone. I had a bridge br0 with several NICs, softether connecting to br0 using a veth pair (veth_se-veth_sebr) to avoid using dedicated NIC and still be able ping server. on a 100MB down, 10MB up I was seening 0.5Mdown/6MB up.

I turned off TSO on both ends of veth.

  • ethtool -K veth_sebr tso off
  • ethtool -K veth_se tso off

download speed now 80MBs, upload 6MBs

Amer Agovic
  • 101
  • 1