What would cause some VPN traffic from client to go through only one uplink? #2366

Closed
grapexy opened this issue May 27, 2022 · 1 comment

Comments

@grapexy

grapexy commented May 27, 2022

OMR is sitting after opnsense router as gateway that has some devices that use VPN (OpenVPN & Wireguard). Some of these connections are not aggregated, some of them are. Trying to figure out why this happens.

V2Ray is used on OMR as it provides best overall performance from my testing (and as it supports UDP too).

Two types of VPN routing on the network:

  1. Client with VPN connection --> opnsense firewall with OMR as default gateway --> OMR
  2. Client without VPN connection --> opnsense interface (outbound NAT) --> OpenVPN / Wireguard connection as gateway for all outgoing connections --> OMR as gateway.

This is my testing:

  1. OpenVPN over UDP on client = No aggregation / only one uplink used
  2. OpenVPN over UDP on opnsense = No aggregation / only one uplink used
  3. OpenVPN over TCP on client = Aggregation / All links are used
  4. OpenVPN over TCP on opnsense = No aggregation / only one uplink used
  5. WireGuard UDP on client = No aggregation
  6. WireGuard UDP on opnsense = No aggregation

All of these devices (and sometimes entire subnets) need to utilize a different VPN connection, so configuring VPN on the VPS is not an option. Configuring VPN on OMR is also not an option, as it's not aware of different subnets/devices (it's basically a single uplink/WAN on opnsense). It also will not be able to handle all of this on its own.

So as you can see, aggregation of traffic that's encapsulated in VPN tunnel only works when OpenVPN over TCP is used on client. But if an entire subnet is routed through the same OVPN-over-TCP on router before OMR, it's not aggregated, while openvpn configuration is the same.

What could be happening here? I'm especially curious why OVPN-over-TCP is aggregated when tunnel is established from client, but is not aggregated when tunnel is established on router before OMR. System log did not really point in any right direction.

@github-actions

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days
