Mastering OpenVPN


Analyzing OpenVPN traffic by using tcpdump

The low-level networking tool tcpdump, or its GUI equivalent Wireshark, is a last-resort tool for troubleshooting network issues and network performance. In this section, we will walk through the process of capturing and analyzing the encrypted network traffic produced by OpenVPN.

First, we set up our standard OpenVPN network using the basic-udp configuration files. On the client, there is also a web server running. We will use the wget command on the server side to retrieve a file from the web server so that we can look at the resulting network traffic.

We run tcpdump on the Ethernet interface and capture the network traffic while doing a wget outside the tunnel:

wget -O /dev/null https://CLIENT-IP/test1

The resulting tcpdump output is as follows (modified for the sake of clarity):

As we can see, there are 13 packets to transfer a 5 KB text file. Most of these packets were used to set up and tear down the connection, but there are four large packets...
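The same kind of breakdown (connection setup and teardown versus payload-carrying packets) can be computed from saved `tcpdump -n` text output. The script below is an added example, not code from the book: the sample lines are constructed with documentation addresses, and UDP port 1194 (OpenVPN's default) and the 1000-byte "large packet" threshold are assumptions.

```python
import re
from collections import Counter

OPENVPN_PORT = "1194"  # assumption: OpenVPN's default UDP port
LARGE = 1000           # assumption: payload bytes at which a packet counts as "large"

LINE_RE = re.compile(
    r"^\S+ IP (?P<src>\S+) > (?P<dst>\S+): "
    r"(?:Flags \[(?P<flags>[^\]]*)\]|(?P<udp>UDP)),.*?\blength (?P<len>\d+)"
)

def classify(line):
    """Return (kind, payload_length) for one `tcpdump -n` line, or None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    length = int(m["len"])
    if m["udp"]:
        ports = {m["src"].rsplit(".", 1)[1], m["dst"].rsplit(".", 1)[1]}
        return ("openvpn" if OPENVPN_PORT in ports else "udp-other", length)
    flags = m["flags"]
    if "S" in flags:                      # SYN or SYN/ACK
        return ("tcp-setup", length)
    if "F" in flags or "R" in flags:      # FIN or RST
        return ("tcp-teardown", length)
    return ("tcp-data" if length else "tcp-ack", length)

def summarize(lines):
    """Count packets and payload bytes per kind, plus the number of large packets."""
    packets, payload, large = Counter(), Counter(), 0
    for kind, length in filter(None, map(classify, lines)):
        packets[kind] += 1
        payload[kind] += length
        large += length >= LARGE
    return packets, payload, large

# Constructed sample: one HTTPS fetch outside the tunnel, then two tunnel packets.
SAMPLE = """\
10:00:00.000100 IP 192.0.2.10.40000 > 192.0.2.20.443: Flags [S], seq 100, win 29200, length 0
10:00:00.000400 IP 192.0.2.20.443 > 192.0.2.10.40000: Flags [S.], seq 900, ack 101, win 28960, length 0
10:00:00.000900 IP 192.0.2.10.40000 > 192.0.2.20.443: Flags [P.], seq 1:201, ack 1, win 229, length 200
10:00:00.001500 IP 192.0.2.20.443 > 192.0.2.10.40000: Flags [P.], seq 1:1449, ack 201, win 235, length 1448
10:00:00.001600 IP 192.0.2.10.40000 > 192.0.2.20.443: Flags [.], ack 1449, win 251, length 0
10:00:00.002000 IP 192.0.2.10.40000 > 192.0.2.20.443: Flags [F.], seq 201, ack 1449, win 251, length 0
10:00:00.002300 IP 192.0.2.20.443 > 192.0.2.10.40000: Flags [F.], seq 1449, ack 202, win 235, length 0
10:00:05.000100 IP 192.0.2.20.1194 > 192.0.2.10.1194: UDP, length 1445
10:00:05.000700 IP 192.0.2.10.1194 > 192.0.2.20.1194: UDP, length 93
""".splitlines()
```

Inside the tunnel every packet appears only as opaque UDP between the two endpoints, so the TCP flag breakdown is available only for traffic captured outside it.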
