[ previous ] [ next ] [ threads ]
 
 From:  Nathaniel Irons <ndi dash l at bumppo dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] our pokey VPN
 Date:  Tue, 10 Oct 2006 08:50:10 -0700
[Apologies if this shows up twice. I sent it Sunday night and 
haven't seen a copy show up locally or on the list archives.]

On Fri, Jun 23, 2006 at 04:32:55PM -0400, Chris Buechler wrote:

> >Any suggestions on where to take the inquiry from here?
> >
>
> Not a clue....I'd talk to the ISP at this point.Is there any way
> you can take down one of the bonded links and try it with one link, to
> see if they have the bonding screwed up somehow?I kind of doubt it's
> a m0n0wall issue at this point.

Turned out you were right about that. I set up the PPTP VPN in 
OS X
Server and saw the same performance splits when I delegated PPTP there.

When we found out how to unbond the connection (which involved tugging
one T1 out of the Cisco box they sent us to do the bonding and waiting
several seconds), outbound throughput went from modem-esque 40 
Kbps up
to about 1.2 Mbps.

We've been bugging our ISP about it ever since, and they're finally
taking some action. They also suggested lowering the MTU, which,
averaging ten iperf samples at 1460 seemed to deliver a 
miniscule 10
kbps improvement, but at 750 the results were indistinguishable from
an MTU of 1500.

So, they're now asking if we can tell them anything from the log about
"lost fragments and silent discards", but that appears to be a level
of logging detail that m0n0wall does not expose. Is there any 
help to
be had there?

I'm a little curious about the validity of my test with the 
other PPTP
server -- with OS X also based on FreeBSD, were both systems 
using the
same underlying PPTP implementation, or does m0n0wall incorporate
something else? Put another way, is there anyone using m0n0wall 
(or OS
X Server, or FreeBSD) with bonded T1s, whose outbound PPTP throughput
isn't an athsmatic mess?

Much obliged,

-nat