Show Posts
1
Tutorials and FAQs / Re: HOWTO - Routing Traffic over Private VPN
« on: December 14, 2020, 03:48:28 pm »
Hi All.
I could manage doing selective routing by performing the NordVPN OPNsense 19.x online tutorial on the newest and latest OPNsense 20.7..., additionally created (DE, UK-) Aliases with Host IPs and defining them in the rules after the basic ones and defining within the clients "Don't pull routes" selected. I have clients in the network going direct to WAN, to NordVPN servers in Germany and UK. Works fine every Alias does have his own dedicated VPN. I've used pfSense 2.4.5 before and now using the same NordVPN servers as before. In OPNsense everything behaves feelable slower. Every change takes a while to be approved from the system and a restart takes very long comparing to pfSense. Everything would be fine but the VPN d/l speed is much slower now than under pfSense - about 40% loss in speed. OPNsense gives me about 60Mbps whereas under pfSense I measured full ISP speed (105Mbps). Hardware is a APU2C4 which does have the capability of at least 150Mbps - may be I have to update the APU-BIOS which I couldn't figure out until now what BIOS it has and what BIOS Flashrom software is compatible. Does somebody have experiences in OpenVPN speed differences using different BIOS'es? The flashrom pkg I've installed already via OPNsense ssh but more was not possible. I can't give a feedback about stability now....need to await. I was not unhappy with pfSense, just want to try out. But the speed would be an issue to go back to pf when I can't optimise it. On pf for example there was an "Use fast I/O operation with UDP writes to tun/tab.Experimental."-option which really pushed up the speed. I also used pfBlocker_NG_Devil which worked perfect. No I use Unbound with Blacklists but I think I have to manually adjust some more. Nice regards.
I could manage doing selective routing by performing the NordVPN OPNsense 19.x online tutorial on the newest and latest OPNsense 20.7..., additionally created (DE, UK-) Aliases with Host IPs and defining them in the rules after the basic ones and defining within the clients "Don't pull routes" selected. I have clients in the network going direct to WAN, to NordVPN servers in Germany and UK. Works fine every Alias does have his own dedicated VPN. I've used pfSense 2.4.5 before and now using the same NordVPN servers as before. In OPNsense everything behaves feelable slower. Every change takes a while to be approved from the system and a restart takes very long comparing to pfSense. Everything would be fine but the VPN d/l speed is much slower now than under pfSense - about 40% loss in speed. OPNsense gives me about 60Mbps whereas under pfSense I measured full ISP speed (105Mbps). Hardware is a APU2C4 which does have the capability of at least 150Mbps - may be I have to update the APU-BIOS which I couldn't figure out until now what BIOS it has and what BIOS Flashrom software is compatible. Does somebody have experiences in OpenVPN speed differences using different BIOS'es? The flashrom pkg I've installed already via OPNsense ssh but more was not possible. I can't give a feedback about stability now....need to await. I was not unhappy with pfSense, just want to try out. But the speed would be an issue to go back to pf when I can't optimise it. On pf for example there was an "Use fast I/O operation with UDP writes to tun/tab.Experimental."-option which really pushed up the speed. I also used pfBlocker_NG_Devil which worked perfect. No I use Unbound with Blacklists but I think I have to manually adjust some more. Nice regards.