Troubleshooting OpenVPN

By: Eric F Crist

Overview of this book

OpenVPN, the most widely used open source VPN package, allows you to create a secure network across systems, keeping your private data secure. Connectivity and other issues are a pain to deal with, especially if they are impacting your business. This book will help you resolve the issues faced by OpenVPN users and teach you the techniques to troubleshoot it like a true expert. This book is a one-stop solution for troubleshooting any issue related to OpenVPN. We will start by introducing you to troubleshooting techniques such as packet sniffing, log parsing, and OpenSSL. You will see how to overcome operating-system-specific errors. Later on, you will get to know about network and routing errors by exploring the concepts of IPv4 and IPv6 networking issues. You will discover how to overcome these issues to improve the performance of your OpenVPN deployment. By the end of the book, you will know the best practices, tips, and tricks to ensure the smooth running of your OpenVPN.
Table of Contents (16 chapters)

UDP troubleshooting


As a general rule, UDP is a better option for VPN traffic than TCP. TCP works very hard to ensure that every single packet makes it across the wire (or any other medium) uncorrupted and in order. For some things, such as SSH, file transfers, and web traffic, this is a good thing; we expect the resulting content to be legible and generally in its original form.

When connectivity is reliable with relatively little packet loss, TCP can function just fine for VPN. When that link drops packets and becomes unreliable, the problem can be amplified dramatically when the encapsulated traffic is also using TCP. The resulting traffic includes retransmits from the OpenVPN processes at either end and from the encapsulated traffic at both ends. This results in potentially four times the packet count.

By its nature, UDP is a connectionless protocol. UDP is great for data where it is acceptable to receive packets out of order or when packets can go missing. The out-of-order packets are...