I'm seeing differing network speeds depending on where I place file transfers to and from my office network from my home. The office network is running FreeNAS with OpenVpn in an iocage jail. Additionally my Workstation1 at the office is in DMZ so I can ssh directly to it from home.
The topology:
Freenas - is running at my office 10.217.50.10
OpenVPN - is running in an iocage jail on the Freenas 10.217.50.13
Workstation1 - A workstation at the office on the same network segment is 10.217.50.169. (In DMZ, can be ssh'd to directly)
My house has 500Mb internet
My office has 1000Mb internet
A scp for a ~800MB iso file consistently shows results like these:
House to Workstation 1 vi scp to public IP (DMZ address bypass everything freenas) - 36MB/s
House to Workstation1 via scp through VPN - 17.2MB/s
House to OpenVPN jail via scp through VPN - 17.4/s
House to FreeNas via scp through VPN - 1.6MB/s
So observations. VPN speeds are roughly half that of direct connection. VPN to the NAS is way slower at just 1.6MB/s.
Does anyone know why my connection from OpenVPN to Freenas is so slow through the VPN? When I scp files directly from the OpenVPN jail to the Freenas on which its hosted I'm getting speeds of ~120MB/sec.
Here's ifconfig from the OpenVPN Jail
And the ifconfig from the FreeNAS
And here's my iocage config.json file:
and finally, my Freenas release info:
The topology:
Freenas - is running at my office 10.217.50.10
OpenVPN - is running in an iocage jail on the Freenas 10.217.50.13
Workstation1 - A workstation at the office on the same network segment is 10.217.50.169. (In DMZ, can be ssh'd to directly)
My house has 500Mb internet
My office has 1000Mb internet
A scp for a ~800MB iso file consistently shows results like these:
House to Workstation 1 vi scp to public IP (DMZ address bypass everything freenas) - 36MB/s
House to Workstation1 via scp through VPN - 17.2MB/s
House to OpenVPN jail via scp through VPN - 17.4/s
House to FreeNas via scp through VPN - 1.6MB/s
So observations. VPN speeds are roughly half that of direct connection. VPN to the NAS is way slower at just 1.6MB/s.
Does anyone know why my connection from OpenVPN to Freenas is so slow through the VPN? When I scp files directly from the OpenVPN jail to the Freenas on which its hosted I'm getting speeds of ~120MB/sec.
Here's ifconfig from the OpenVPN Jail
Code:
$ ifconfig -a lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6> inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 inet 127.0.0.1 netmask 0xff000000 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> groups: lo epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 02:ff:60:36:38:32 hwaddr 02:2e:d0:00:07:0b inet 10.217.50.13 netmask 0xffffff00 broadcast 10.217.50.255 nd6 options=1<PERFORMNUD> media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active groups: epair tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500 options=80000<LINKSTATE> inet 10.8.0.1 --> 10.8.0.2 netmask 0xffffff00 nd6 options=1<PERFORMNUD> groups: tun Opened by PID 6051
And the ifconfig from the FreeNAS
Code:
root@freenas:~ # ifconfig -a igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=2400b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,RXCSUM_IPV6> ether 0c:c4:7a:12:52:5e hwaddr 0c:c4:7a:12:52:5e inet 10.217.50.10 netmask 0xff000000 broadcast 10.255.255.255 nd6 options=9<PERFORMNUD,IFDISABLED> media: Ethernet autoselect (1000baseT <full-duplex>) status: active igb1: flags=8c02<BROADCAST,OACTIVE,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=6403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> ether 0c:c4:7a:12:52:5f hwaddr 0c:c4:7a:12:52:5f nd6 options=9<PERFORMNUD,IFDISABLED> media: Ethernet autoselect status: no carrier lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6> inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> groups: lo tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: Attached to VTG_SYSIMG options=80000<LINKSTATE> ether 00:bd:7d:57:f9:00 hwaddr 00:bd:7d:57:f9:00 nd6 options=1<PERFORMNUD> media: Ethernet autoselect status: active groups: tap Opened by PID 5564 bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 ether 02:c8:7c:65:26:00 nd6 options=1<PERFORMNUD> groups: bridge id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: vnet0:1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 6 priority 128 path cost 2000 member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 1 priority 128 path cost 20000 member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 4 priority 128 path cost 2000000 vnet0:1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: openvpn as nic: epair0b options=8<VLAN_MTU> ether 02:ff:60:36:38:31 hwaddr 02:2e:d0:00:06:0a inet6 fe80::ff:60ff:fe36:3831%vnet0:1 prefixlen 64 scopeid 0x6 nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL> media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active groups: epair
And here's my iocage config.json file:
Code:
root@freenas:/mnt/zvol1/iocage/jails/openvpn # more config.json { "CONFIG_VERSION": "14.1", "allow_chflags": "0", "allow_mlock": "0", "allow_mount": "0", "allow_mount_devfs": "0", "allow_mount_nullfs": "0", "allow_mount_procfs": "0", "allow_mount_tmpfs": "0", "allow_mount_zfs": "0", "allow_quotas": "0", "allow_raw_sockets": "1", "allow_set_hostname": "1", "allow_socket_af": "0", "allow_sysvipc": "0", "allow_tun": "1", "available": "readonly", "basejail": "no", "boot": "on", "bpf": "no", "children_max": "0", "cloned_release": "11.2-RELEASE-p8", "comment": "none", "compression": "lz4", "compressratio": "readonly", "coredumpsize": "off", "count": "1", "cpuset": "off", "cputime": "off", "datasize": "off", "dedup": "off", "defaultrouter": "10.217.50.1", "defaultrouter6": "none", "depends": "none", "devfs_ruleset": "4", "dhcp": "off", "enforce_statfs": "2", "exec_clean": "1", "exec_fib": "0", "exec_jail_user": "root", "exec_poststart": "/usr/bin/true", "exec_poststop": "/usr/bin/true", "exec_prestart": "/usr/bin/true", "exec_prestop": "/usr/bin/true", "exec_start": "/bin/sh /etc/rc", "exec_stop": "/bin/sh /etc/rc.shutdown", "exec_system_jail_user": "0", "exec_system_user": "root", "exec_timeout": "60", "host_domainname": "vtg", "host_hostname": "openvpn", "host_hostuuid": "openvpn", "host_time": "yes", "hostid": "30E3513E-5BC0-11E4-899B-09DC14AEE001", "hostid_strict_check": "off", "interfaces": "vnet0:bridge0", "ip4": "new", "ip4_addr": "vnet0|10.217.50.13/24", "ip4_saddrsel": "1", "ip6": "new", "ip6_addr": "vnet0|accept_rtadv", "ip6_saddrsel": "1", "jail_zfs": "off", "jail_zfs_dataset": "iocage/jails/openvpn/data", "jail_zfs_mountpoint": "none", "last_started": "2020-05-08 01:39:29", "login_flags": "-f root", "mac_prefix": "02ff60", "maxproc": "off", "memorylocked": "off", "memoryuse": "off", "mount_devfs": "1", "mount_fdescfs": "1", "mount_linprocfs": "0", "mount_procfs": "0", "mountpoint": "readonly", "msgqqueued": "off", "msgqsize": "off", "nmsgq": "off", "notes": "none", "nsemop": "off", "nshm": "off", "nthr": "off", "openfiles": "off", "origin": "readonly", "owner": "root", "pcpu": "off", "priority": "99", "pseudoterminals": "off", "quota": "none", "release": "11.2-RELEASE-p8", "reservation": "none", "resolver": "/etc/resolv.conf", "rlimits": "off", "securelevel": "2", "shmsize": "off", "stacksize": "off", "stop_timeout": "30", "swapuse": "off", "sync_state": "none", "sync_target": "none", "sync_tgt_zpool": "none", "sysvmsg": "new", "sysvsem": "new", "sysvshm": "new", "template": "no", "type": "jail", "used": "readonly", "vmemoryuse": "off", "vnet": "on", "vnet0_mac": "02ff60363831 02ff60363832", "vnet1_mac": "none", "vnet2_mac": "none", "vnet3_mac": "none", "vnet_default_interface": "auto", "vnet_interfaces": "none", "wallclock": "off" }
and finally, my Freenas release info:
Code:
root@freenas:/mnt/zvol1/iocage/jails/openvpn # cat /etc/motd FreeBSD 11.2-STABLE (FreeNAS.amd64) #0 r325575+4710c8b6420(HEAD): Fri Feb 14 13:59:19 UTC 2020 FreeNAS (c) 2009-2019, The FreeNAS Development Team All rights reserved. FreeNAS is released under the modified BSD license. For more information, documentation, help or support, go here: http://freenas.org Welcome to FreeNAS