Hi Hans,
On 13/02/20 10:15, Hans via Openvpn-users wrote:
Hi all,
Is there anyone around here, that performed a measurement what the
impact is of doing http-encapsusation (http-proxy) with openvpn?
My case:
- Client & servers are on a (huge) LAN
- client is 2.4.6, servers are 2.4.7
- Setting up a vpn connection with UDP, doing a ping toward machine
behind the server, I get a latency of 10-20mS
- Setting up a vpn connection with TCP and http-proxy, doing a ping
toward machine behind the server, I get a latency of 200-340mS
I cannot imagine that the process of encapsulation and peeling out by
the reversed proxy requires the same amount of time (extra 200++ mS)
that is equivalent of a transatlantic round trip.
The reversed proxy, and the network around it are both beyond my control.
FWIW: I have just tested this myself, using OpenVPN 2.4.8 and apache
mod_proxy, with no additional configuration or tuning other than
"--http-proxy A.B.C.D 80 " : the latency did *not* go up when testing
this from my home address to the server's address. In a high speed LAN
environment the latency went from sub millisecond level to ~2 ms .
You can try playing with --tcp-nodelay on the server to see if that
helps. Also, I assume that your ping latency tests were using *SMALL*
packets - if not, then tuning the tun-mtu size might help
HTH,
JJK
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
