[GLLUG] VPNs (nearly off topic)
Peter Grant
grantpe at gmail.com
Thu Nov 1 14:40:08 UTC 2018
On Thu, 1 Nov 2018 at 13:55, Marco van Beek
<mvanbeek at supporting-role.co.uk> wrote:
>
>
> >>
> >> Hi,
> >>
> >> I would suggest running two sets of pings, one via the VPN and one to the external IP at the other end and see if they both lose traffic at they same time or not.
> >>
> >> Regards
> >>
> >> Marco van Beek
> >> Supporting Role Ltd
> >>
> > Hi Marco,
> > Good call - I missed that from my original email. I ran a ping test to
> > both the public IP and via the VPN. There is some packet loss on the
> > ping to the public IP address - around 0.3%.
> > Via the VPN the packet loss is around 30-40% in the same period. More
> > recently I've got packet loss around 80% showing on my monitoring on
> > one ping test.
> >
> > I might expect some loss on the VPN given this, even an increase over
> > between the public IP addresses, but not by nearly this much.
> > Peter
> Then I think the comments about MTU is where I would go next. I remember
> it being an issue on old IPCop / SmoothWall boxes on ADSL cards, where
> the ADSL card had an MTU setting of 1492, and the IPSEC tunnel was still
> at 1500.
>
> Also, not wanting to be paranoid, but have you checked the performance
> of a VPN from another location in Thailand?
>
> Cheers,
>
> Marco
Hi Marco,
Sadly, the location in Thailand is fixed - a server in a datacentre in Bangkok.
PFSense at both end is straight on ethernet and then fibre connections
- no ADSL lines here, although I can't be certain there's no MTU
issues along the line somewhere.
We've had stable IPSec tunnels with no loss from each end to other
destinations, just not between the two.
Peter
More information about the GLLUG
mailing list