Our openVPN VPN is having random latency issues (in particulier with ssh and smb).
How can I determine the cause of this latency? Can I play on the MSS with iperf for example, and how?
Our openVPN VPN is having random latency issues (in particulier with ssh and smb).
How can I determine the cause of this latency? Can I play on the MSS with iperf for example, and how?
The first thing I would do is check the tunnel traffic itself, and the connectivity it's using. If you've using OpenVPN, you're probably traversing the Internet (as the most common need for a VPN). Do you monitor the latency between your OpenVPN end-points? If not, you should start there. It's as easy as running mtr when the issues are occurring, or even better, running some monitoring tool to constantly track the latency between those points (there are dozens of tools that can do this). It can sometimes be useful to track the same latency through the tunnel, as well as outside of it, to give you data points to correlate.
This will help determine whether it's an issue inside the tunnel (less likely) or an issue with the overall connection (more likely).
If the above testing shows you that nothing looks strange or unusual during the time periods that you see high latency, then it's time to start testing further inside the tunnel. At that point, you might want to look into some performance testing tools (preferably only after you're tracking metrics for comparison). You can also use
wireshark
ortcpdump
to capture packets on your OpenVPN end-point and look at the packet timing and activity. Investigating both the tunnel packets and the traffic going through the tunnel might be worthwhile, depending on what your latency monitoring shows.Check that you're not dropping packets. TCP connections will recover, but pause briefly, when a segment is dropped.
Use a tool such as SmokePing (http://oss.oetiker.ch/smokeping/), which will highlight round-trip time and packet loss.