I've set up a server to run OpenVPN, with the purpose of clients accessing Samba shares remotely.
The server is running CentOS 5.6, a decent quad-core Xeon CPU and plenty of RAM. The client I've tested it on is a Windows 7 x64 machine, also with quite high specs.
The result is that uploads and downloads to the client run at about 60KB/s. I understand that Samba is very inefficient in the way it makes a lot of repeat trips, but even so – the client has a bandwidth of 50Mbps downstream and 4Mbps upstream. Even if the client's upload speed was the bottleneck, it's still some 9 times slower than that.
CPU usage is negligible on the server and client during transfers, so this must rule out cipher speeds.
The appropriate OpenVPN port is open on both server and client; the OpenVPN cipher is AES-128-CBC with a 160-bit SHA1 HMAC; a TLS key is also being used, as well as comp-lzo compression.
Any idea what this could be? I know Samba is slow… but surely this can't be right!
Best Answer
Make sure that your OpenVPN tunnel is using UDP, and not TCP. Additionally, ensure that the tunnel is using compression by using the 'comp-lzo' directive in your OpenVPN config file on both ends.
Lastly, it may be worth setting the MTU and MSS clamp values for the tunnel, but this depends on the type of internet connection you're using, and if incorrectly set, would usually result in timeouts rather than slow transfers anyway.
The MSS clamping would also need to be set to something like 1300 one level lower than OpenVPN, for the PPP connection itself. However, as I've said, I have no clue what type of connectivity you're using - MSS clamping would only be useful on a non-Ethernet network such as ADSL, etc.