I'm seeing differing network speeds depending on where I place file transfers to and from my office network from my home. The office network is running FreeNAS with OpenVpn in an iocage jail. Additionally my Workstation1 at the office is in DMZ so I can ssh directly to it from home.
The topology:
Freenas - is running at my office 10.217.50.10
OpenVPN - is running in an iocage jail on the Freenas 10.217.50.13
Workstation1 - A workstation at the office on the same network segment is 10.217.50.169. (In DMZ, can be ssh'd to directly)
My house has 500Mb internet
My office has 1000Mb internet
A scp for a ~800MB iso file consistently shows results like these:
House to Workstation 1 vi scp to public IP (DMZ address bypass everything freenas) - 36MB/s
House to Workstation1 via scp through VPN - 17.2MB/s
House to OpenVPN jail via scp through VPN - 17.4/s
House to FreeNas via scp through VPN - 1.6MB/s
So observations. VPN speeds are roughly half that of direct connection. VPN to the NAS is way slower at just 1.6MB/s.
Does anyone know why my connection from OpenVPN to Freenas is so slow through the VPN? When I scp files directly from the OpenVPN jail to the Freenas on which its hosted I'm getting speeds of ~120MB/sec.
Here's ifconfig from the OpenVPN Jail
And the ifconfig from the FreeNAS
And here's my iocage config.json file:
and finally, my Freenas release info:
The topology:
Freenas - is running at my office 10.217.50.10
OpenVPN - is running in an iocage jail on the Freenas 10.217.50.13
Workstation1 - A workstation at the office on the same network segment is 10.217.50.169. (In DMZ, can be ssh'd to directly)
My house has 500Mb internet
My office has 1000Mb internet
A scp for a ~800MB iso file consistently shows results like these:
House to Workstation 1 vi scp to public IP (DMZ address bypass everything freenas) - 36MB/s
House to Workstation1 via scp through VPN - 17.2MB/s
House to OpenVPN jail via scp through VPN - 17.4/s
House to FreeNas via scp through VPN - 1.6MB/s
So observations. VPN speeds are roughly half that of direct connection. VPN to the NAS is way slower at just 1.6MB/s.
Does anyone know why my connection from OpenVPN to Freenas is so slow through the VPN? When I scp files directly from the OpenVPN jail to the Freenas on which its hosted I'm getting speeds of ~120MB/sec.
Here's ifconfig from the OpenVPN Jail
Code:
$ ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
groups: lo
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:60:36:38:32
hwaddr 02:2e:d0:00:07:0b
inet 10.217.50.13 netmask 0xffffff00 broadcast 10.217.50.255
nd6 options=1<PERFORMNUD>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
groups: epair
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet 10.8.0.1 --> 10.8.0.2 netmask 0xffffff00
nd6 options=1<PERFORMNUD>
groups: tun
Opened by PID 6051
And the ifconfig from the FreeNAS
Code:
root@freenas:~ # ifconfig -a
igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=2400b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,RXCSUM_IPV6>
ether 0c:c4:7a:12:52:5e
hwaddr 0c:c4:7a:12:52:5e
inet 10.217.50.10 netmask 0xff000000 broadcast 10.255.255.255
nd6 options=9<PERFORMNUD,IFDISABLED>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
igb1: flags=8c02<BROADCAST,OACTIVE,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=6403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
ether 0c:c4:7a:12:52:5f
hwaddr 0c:c4:7a:12:52:5f
nd6 options=9<PERFORMNUD,IFDISABLED>
media: Ethernet autoselect
status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
groups: lo
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: Attached to VTG_SYSIMG
options=80000<LINKSTATE>
ether 00:bd:7d:57:f9:00
hwaddr 00:bd:7d:57:f9:00
nd6 options=1<PERFORMNUD>
media: Ethernet autoselect
status: active
groups: tap
Opened by PID 5564
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:c8:7c:65:26:00
nd6 options=1<PERFORMNUD>
groups: bridge
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: vnet0:1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 6 priority 128 path cost 2000
member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 1 priority 128 path cost 20000
member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 4 priority 128 path cost 2000000
vnet0:1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: associated with jail: openvpn as nic: epair0b
options=8<VLAN_MTU>
ether 02:ff:60:36:38:31
hwaddr 02:2e:d0:00:06:0a
inet6 fe80::ff:60ff:fe36:3831%vnet0:1 prefixlen 64 scopeid 0x6
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
groups: epair
And here's my iocage config.json file:
Code:
root@freenas:/mnt/zvol1/iocage/jails/openvpn # more config.json
{
"CONFIG_VERSION": "14.1",
"allow_chflags": "0",
"allow_mlock": "0",
"allow_mount": "0",
"allow_mount_devfs": "0",
"allow_mount_nullfs": "0",
"allow_mount_procfs": "0",
"allow_mount_tmpfs": "0",
"allow_mount_zfs": "0",
"allow_quotas": "0",
"allow_raw_sockets": "1",
"allow_set_hostname": "1",
"allow_socket_af": "0",
"allow_sysvipc": "0",
"allow_tun": "1",
"available": "readonly",
"basejail": "no",
"boot": "on",
"bpf": "no",
"children_max": "0",
"cloned_release": "11.2-RELEASE-p8",
"comment": "none",
"compression": "lz4",
"compressratio": "readonly",
"coredumpsize": "off",
"count": "1",
"cpuset": "off",
"cputime": "off",
"datasize": "off",
"dedup": "off",
"defaultrouter": "10.217.50.1",
"defaultrouter6": "none",
"depends": "none",
"devfs_ruleset": "4",
"dhcp": "off",
"enforce_statfs": "2",
"exec_clean": "1",
"exec_fib": "0",
"exec_jail_user": "root",
"exec_poststart": "/usr/bin/true",
"exec_poststop": "/usr/bin/true",
"exec_prestart": "/usr/bin/true",
"exec_prestop": "/usr/bin/true",
"exec_start": "/bin/sh /etc/rc",
"exec_stop": "/bin/sh /etc/rc.shutdown",
"exec_system_jail_user": "0",
"exec_system_user": "root",
"exec_timeout": "60",
"host_domainname": "vtg",
"host_hostname": "openvpn",
"host_hostuuid": "openvpn",
"host_time": "yes",
"hostid": "30E3513E-5BC0-11E4-899B-09DC14AEE001",
"hostid_strict_check": "off",
"interfaces": "vnet0:bridge0",
"ip4": "new",
"ip4_addr": "vnet0|10.217.50.13/24",
"ip4_saddrsel": "1",
"ip6": "new",
"ip6_addr": "vnet0|accept_rtadv",
"ip6_saddrsel": "1",
"jail_zfs": "off",
"jail_zfs_dataset": "iocage/jails/openvpn/data",
"jail_zfs_mountpoint": "none",
"last_started": "2020-05-08 01:39:29",
"login_flags": "-f root",
"mac_prefix": "02ff60",
"maxproc": "off",
"memorylocked": "off",
"memoryuse": "off",
"mount_devfs": "1",
"mount_fdescfs": "1",
"mount_linprocfs": "0",
"mount_procfs": "0",
"mountpoint": "readonly",
"msgqqueued": "off",
"msgqsize": "off",
"nmsgq": "off",
"notes": "none",
"nsemop": "off",
"nshm": "off",
"nthr": "off",
"openfiles": "off",
"origin": "readonly",
"owner": "root",
"pcpu": "off",
"priority": "99",
"pseudoterminals": "off",
"quota": "none",
"release": "11.2-RELEASE-p8",
"reservation": "none",
"resolver": "/etc/resolv.conf",
"rlimits": "off",
"securelevel": "2",
"shmsize": "off",
"stacksize": "off",
"stop_timeout": "30",
"swapuse": "off",
"sync_state": "none",
"sync_target": "none",
"sync_tgt_zpool": "none",
"sysvmsg": "new",
"sysvsem": "new",
"sysvshm": "new",
"template": "no",
"type": "jail",
"used": "readonly",
"vmemoryuse": "off",
"vnet": "on",
"vnet0_mac": "02ff60363831 02ff60363832",
"vnet1_mac": "none",
"vnet2_mac": "none",
"vnet3_mac": "none",
"vnet_default_interface": "auto",
"vnet_interfaces": "none",
"wallclock": "off"
}
and finally, my Freenas release info:
Code:
root@freenas:/mnt/zvol1/iocage/jails/openvpn # cat /etc/motd
FreeBSD 11.2-STABLE (FreeNAS.amd64) #0 r325575+4710c8b6420(HEAD): Fri Feb 14 13:59:19 UTC 2020
FreeNAS (c) 2009-2019, The FreeNAS Development Team
All rights reserved.
FreeNAS is released under the modified BSD license.
For more information, documentation, help or support, go here:
http://freenas.org
Welcome to FreeNAS
