| 36 | == Tweaked setup == |
| 37 | the first tweak made was: |
| 38 | * increase the MTU size of the tun adapter ('--tun-mtu') to 6000 bytes. This resembles JumboFrames on a regular Ethernet LAN. Note that the MTU size on the underlying network switches was '''not''' altered. |
| 39 | * disable OpenVPN's internal fragmentation algorithm using '--fragment 0'. |
| 40 | * disable OpenVPN's 'TCP Maximum Segment Size' limitor using '--mssfix 0'. |
| 41 | |
| 42 | {{{ |
| 43 | openvpn --dev tun --proto udp --port 11000 --secret secret.key --ifconfig 192.168.222.11 192.168.222.10 |
| 44 | --tun-mtu 6000 --fragment 0 --mssfix 0 |
| 45 | }}} |
| 46 | and client |
| 47 | {{{ |
| 48 | openvpn --dev tun --proto udp --port 11000 --secret secret.key --ifconfig 192.168.222.10 192.168.222.11 --remote server |
| 49 | --tun-mtu 6000 --fragment 0 --mssfix 0 |
| 50 | }}} |
| 51 | Now an '''iperf''' result of '''307 Mbps''' is obtained. |
| 52 | |
| 53 | By playing with the '--tun-mtu' size we obtain |
| 54 | ||= MTU= ||= Blowfish =||= AES256 =|| |
| 55 | ||= 1500=|| 158 || 126 || |
| 56 | ||= 6000=|| 307 || 220 || |
| 57 | ||= 9000=|| 370 || 249 || |
| 58 | ||=12000=|| 416 || 252 || |
| 59 | ||=24000=|| 466 || 259 || |
| 60 | ||=36000=|| 470 || 244 || |
| 61 | ||=48000=|| 510 || 247 || |
| 62 | ||=60000=|| 488 || 221 || |