Reply

R7000 OpenVPN latency,ping,slow

qwerty77
Aspirant

R7000 OpenVPN latency,ping,slow

Hi all,

 

When I'm connecting via VPN to my home network, everything is very slowly and laggy. 

My router has IP address 192.168.2.1 and I see this rule below in the client log and it seems like that's the cause, but how to fix it? 

Tue Nov 07 12:04:17 2017 us=566872 OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.2.0

 

Client log:

Tue Nov 07 12:03:53 2017 us=799247 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Tue Nov 07 12:03:53 2017 us=799247 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Nov 07 12:03:53 2017 us=799247 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Tue Nov 07 12:03:53 2017 us=799247 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Nov 07 12:03:53 2017 us=799247 Need hold release from management interface, waiting...
Tue Nov 07 12:03:54 2017 us=280937 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Nov 07 12:03:54 2017 us=390209 MANAGEMENT: CMD 'state on'
Tue Nov 07 12:03:54 2017 us=390209 MANAGEMENT: CMD 'log all on'
Tue Nov 07 12:03:55 2017 us=xx3595 MANAGEMENT: CMD 'echo all on'
Tue Nov 07 12:03:55 2017 us=848098 MANAGEMENT: CMD 'hold off'
Tue Nov 07 12:03:55 2017 us=861589 MANAGEMENT: CMD 'hold release'
Tue Nov 07 12:03:55 2017 us=862077 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 07 12:03:55 2017 us=946021 LZO compression initializing
Tue Nov 07 12:03:55 2017 us=946021 Control Channel MTU parms [ L:1654 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Nov 07 12:03:55 2017 us=946021 Data Channel MTU parms [ L:1654 D:1450 EF:122 EB:411 ET:32 EL:3 ]
Tue Nov 07 12:03:55 2017 us=946021 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Nov 07 12:03:55 2017 us=946021 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Nov 07 12:03:55 2017 us=946021 TCP/UDP: Preserving recently used remote address: [AF_INET]145.xx.xx.xx:xxxxx
Tue Nov 07 12:03:55 2017 us=946021 Socket Buffers: R=[65536->65536] S=[64512->64512]
Tue Nov 07 12:03:55 2017 us=946021 UDP link local: (not bound)
Tue Nov 07 12:03:55 2017 us=946021 UDP link remote: [AF_INET]145.xx.xx.xx:xxxxx
Tue Nov 07 12:03:55 2017 us=946021 MANAGEMENT: >STATE:1510052635,WAIT,,,,,,
Tue Nov 07 12:03:58 2017 us=925606 MANAGEMENT: >STATE:1510052638,AUTH,,,,,,
Tue Nov 07 12:03:58 2017 us=925606 TLS: Initial packet from [AF_INET]145.xx.xx.xx:xxxxx, sid=bcf2ade2 88fb8afb
Tue Nov 07 12:03:59 2017 us=269180 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com
Tue Nov 07 12:03:59 2017 us=269180 VERIFY OK: depth=0, C=TW, ST=TW, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com
Tue Nov 07 12:03:59 2017 us=376138 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Nov 07 12:03:59 2017 us=376138 [netgear] Peer Connection Initiated with [AF_INET]145.xx.xx.xx:xxxxx
Tue Nov 07 12:04:00 2017 us=423049 MANAGEMENT: >STATE:1510052640,GET_CONFIG,,,,,,
Tue Nov 07 12:04:00 2017 us=423049 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
Tue Nov 07 12:04:05 2017 us=493859 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
Tue Nov 07 12:04:11 2017 us=8668 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
Tue Nov 07 12:04:16 2017 us=521258 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
Tue Nov 07 12:04:17 2017 us=566872 PUSH: Received control message: 'PUSH_REPLY,route 192.168.2.0 255.255.255.0,route-delay 5,route-gateway dhcp,ping 10,ping-restart xx,route 192.168.2.1 255.255.255.0 192.168.2.1'
Tue Nov 07 12:04:17 2017 us=566872 OPTIONS IMPORT: timers and/or timeouts modified
Tue Nov 07 12:04:17 2017 us=566872 OPTIONS IMPORT: route options modified
Tue Nov 07 12:04:17 2017 us=566872 OPTIONS IMPORT: route-related options modified
Tue Nov 07 12:04:17 2017 us=566872 Data Channel MTU parms [ L:1590 D:1450 EF:58 EB:411 ET:32 EL:3 ]
Tue Nov 07 12:04:17 2017 us=566872 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Nov 07 12:04:17 2017 us=566872 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 07 12:04:17 2017 us=566872 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Nov 07 12:04:17 2017 us=566872 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 07 12:04:17 2017 us=566872 interactive service msg_channel=552
Tue Nov 07 12:04:17 2017 us=566872 ROUTE_GATEWAY 10.55.51.1/255.255.255.0 I=5 HWADDR=00:1f:b5:23:93:6a
Tue Nov 07 12:04:17 2017 us=566872 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Tue Nov 07 12:04:17 2017 us=566872 OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.2.0
Tue Nov 07 12:04:17 2017 us=566872 open_tun
Tue Nov 07 12:04:17 2017 us=566872 TAP-WIN32 device [NETGEAR-VPN] opened: \\.\Global\{F57EFFD5-04F6-4A46-943B-4C727D6C5BD6}.tap
Tue Nov 07 12:04:17 2017 us=566872 TAP-Windows Driver Version 9.21
Tue Nov 07 12:04:17 2017 us=566872 TAP-Windows MTU=1500
Tue Nov 07 12:04:17 2017 us=566872 Successful ARP Flush on interface [16] {F57EFFD5-04F6-4A46-943B-4C727D6C5BD6}
Tue Nov 07 12:04:19 2017 us=804970 Extracted DHCP router address: 192.168.2.1
Tue Nov 07 12:04:22 2017 us=71377 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Tue Nov 07 12:04:22 2017 us=71377 MANAGEMENT: >STATE:1510052662,ADD_ROUTES,,,,,,
Tue Nov 07 12:04:22 2017 us=71377 C:\Windows\system32\route.exe ADD 192.168.2.1 MASK 255.255.255.0 192.168.2.1
Tue Nov 07 12:04:22 2017 us=71377 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=16]
Tue Nov 07 12:04:22 2017 us=71377 Route addition via service failed
Tue Nov 07 12:04:22 2017 us=71377 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Nov 07 12:04:22 2017 us=71377 Initialization Sequence Completed
Tue Nov 07 12:04:22 2017 us=71377 MANAGEMENT: >STATE:1510052662,CONNECTED,SUCCESS,,145.xx.xx.xx,xxxxx,,

 

Show Status (on client):

Tue Nov 07 12:03:53 2017 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Tue Nov 07 12:03:53 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Nov 07 12:03:53 2017 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Tue Nov 07 12:03:53 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Nov 07 12:03:53 2017 Need hold release from management interface, waiting...
Tue Nov 07 12:03:54 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Nov 07 12:03:54 2017 MANAGEMENT: CMD 'state on'
Tue Nov 07 12:03:54 2017 MANAGEMENT: CMD 'log all on'
Tue Nov 07 12:03:55 2017 MANAGEMENT: CMD 'echo all on'
Tue Nov 07 12:03:55 2017 MANAGEMENT: CMD 'hold off'
Tue Nov 07 12:03:55 2017 MANAGEMENT: CMD 'hold release'
Tue Nov 07 12:03:55 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 07 12:03:55 2017 LZO compression initializing
Tue Nov 07 12:03:55 2017 Control Channel MTU parms [ L:1654 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Tue Nov 07 12:03:55 2017 Data Channel MTU parms [ L:1654 D:1450 EF:122 EB:411 ET:32 EL:3 ]
Tue Nov 07 12:03:55 2017 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Nov 07 12:03:55 2017 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Nov 07 12:03:55 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]145.xx.xx.xx:xxxxx
Tue Nov 07 12:03:55 2017 Socket Buffers: R=[65536->65536] S=[64512->64512]
Tue Nov 07 12:03:55 2017 UDP link local: (not bound)
Tue Nov 07 12:03:55 2017 UDP link remote: [AF_INET]145.xx.xx.xx:xxxxx
Tue Nov 07 12:03:55 2017 MANAGEMENT: >STATE:1510052635,WAIT,,,,,,
Tue Nov 07 12:03:58 2017 MANAGEMENT: >STATE:1510052638,AUTH,,,,,,
Tue Nov 07 12:03:58 2017 TLS: Initial packet from [AF_INET]145.xx.xx.xx:xxxxx, sid=bcf2ade2 88fb8afb
Tue Nov 07 12:03:59 2017 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com
Tue Nov 07 12:03:59 2017 VERIFY OK: depth=0, C=TW, ST=TW, O=netgear, OU=netgear, CN=netgear, emailAddress=mail@netgear.com
Tue Nov 07 12:03:59 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Nov 07 12:03:59 2017 [netgear] Peer Connection Initiated with [AF_INET]145.xx.xx.xx:xxxxx
Tue Nov 07 12:04:00 2017 MANAGEMENT: >STATE:1510052640,GET_CONFIG,,,,,,
Tue Nov 07 12:04:00 2017 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
Tue Nov 07 12:04:05 2017 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
Tue Nov 07 12:04:11 2017 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
Tue Nov 07 12:04:16 2017 SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
Tue Nov 07 12:04:17 2017 PUSH: Received control message: 'PUSH_REPLY,route 192.168.2.0 255.255.255.0,route-delay 5,route-gateway dhcp,ping 10,ping-restart xx,route 192.168.2.1 255.255.255.0 192.168.2.1'
Tue Nov 07 12:04:17 2017 OPTIONS IMPORT: timers and/or timeouts modified
Tue Nov 07 12:04:17 2017 OPTIONS IMPORT: route options modified
Tue Nov 07 12:04:17 2017 OPTIONS IMPORT: route-related options modified
Tue Nov 07 12:04:17 2017 Data Channel MTU parms [ L:1590 D:1450 EF:58 EB:411 ET:32 EL:3 ]
Tue Nov 07 12:04:17 2017 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Nov 07 12:04:17 2017 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 07 12:04:17 2017 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Nov 07 12:04:17 2017 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Nov 07 12:04:17 2017 interactive service msg_channel=552
Tue Nov 07 12:04:17 2017 ROUTE_GATEWAY 10.55.51.1/255.255.255.0 I=5 HWADDR=00:1f:b5:23:93:6a
Tue Nov 07 12:04:17 2017 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Tue Nov 07 12:04:17 2017 OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.2.0
Tue Nov 07 12:04:17 2017 open_tun
Tue Nov 07 12:04:17 2017 TAP-WIN32 device [NETGEAR-VPN] opened: \\.\Global\{F57EFFD5-04F6-4A46-943B-4C727D6C5BD6}.tap
Tue Nov 07 12:04:17 2017 TAP-Windows Driver Version 9.21
Tue Nov 07 12:04:17 2017 TAP-Windows MTU=1500
Tue Nov 07 12:04:17 2017 Successful ARP Flush on interface [16] {F57EFFD5-04F6-4A46-943B-4C727D6C5BD6}
Tue Nov 07 12:04:19 2017 Extracted DHCP router address: 192.168.2.1
Tue Nov 07 12:04:22 2017 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Tue Nov 07 12:04:22 2017 MANAGEMENT: >STATE:1510052662,ADD_ROUTES,,,,,,
Tue Nov 07 12:04:22 2017 C:\Windows\system32\route.exe ADD 192.168.2.1 MASK 255.255.255.0 192.168.2.1
Tue Nov 07 12:04:22 2017 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=16]
Tue Nov 07 12:04:22 2017 Route addition via service failed
Tue Nov 07 12:04:22 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Nov 07 12:04:22 2017 Initialization Sequence Completed
Tue Nov 07 12:04:22 2017 MANAGEMENT: >STATE:1510052662,CONNECTED,SUCCESS,,145.xx.xx.xx,xxxxx,,

 

Ping WAN results:

Ping WAN.png


Ping LAN results:

Ping LAN.png

 

Need I change / enable / disable something? 

Thanks for help!

 

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 1 of 3

Accepted Solutions
qwerty77
Aspirant

Re: R7000 OpenVPN latency,ping,slow

Topic can be closed. Setting the TUN and TAP Servicetype to TCP instead of UDP gives much better performance. 

Ping results are now around the 11-12 ms. 

View solution in original post

Message 2 of 3

All Replies
qwerty77
Aspirant

Re: R7000 OpenVPN latency,ping,slow

Topic can be closed. Setting the TUN and TAP Servicetype to TCP instead of UDP gives much better performance. 

Ping results are now around the 11-12 ms. 

Message 2 of 3
KristinaS
Apprentice

Re: R7000 OpenVPN latency,ping,slow


@qwerty77 wrote:

Topic can be closed. Setting the TUN and TAP Servicetype to TCP instead of UDP gives much better performance. 

Ping results are now around the 11-12 ms. 


usualy udp is faser. i am using tun and udp.

Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 4411 views
  • 0 kudos
  • 2 in conversation
Announcements

Orbi WiFi 6E