Date: Fri, 31 Jan 2003 07:53:59 -0800 (PST) From: jdroflet@canada.com To: freebsd-questions@FreeBSD.ORG Subject: PPtP Client to MPD to boxes behind NATD are very slow ?? Message-ID: <20030131075400.28070.h011.c009.wm@mail.canada.com.criticalpath.net>
next in thread | raw e-mail | index | archive | help
After connecting via VPN I can get decent throughput from the MPD host but very poor speed from anything past it.
I have tried adjusting the iface mtu to as low as 1350 with the same results.
Problems are on downloading files from the hosts to the client.
I have:
MPD version 3.10
4.5-RELEASE as a Gateway/NATD/Firewall using IPFW. IPFW is set to OPEN.
A separte public IP is redirected to a 4.7 RELEASE box on the inside.
Client(s) tested with have been Windows 2000 SP2 and SP3 from 2 different ADSL Lines.
client-----1.2.3.4 MPD/NATD 172.16.105.80------172.16.105.66 / 5.6.7.8 Redirected from 1.2.3.4
Tests using Penguinet SCP and a 1.9 MB ZIP file.
Baseline Download the file from the public IP's
1.2.3.4 -> client 180 kBs
5.6.7.8 -> client 180 kBs
Now test via the PPtP.
172.16.105.80 -> client 84 kBs
172.16.105.66 -> client 35 kBs
I have another FreeBSD box on the inside and get the same results when SCPing via the tunnel.
The configs and a log.
mpd.conf
default:
load pptp
pptp:
new -i ng0 pptp pptp
set iface disable on-demand
set iface enable proxy-arp
set iface idle 1800
set iface mtu 1350
set bundle enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 10 60
# set link mtu 1460
set ipcp yes vjcomp
set ipcp ranges 172.16.105.80/32 172.16.105.75/32
set ipcp dns 172.16.105.67
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
set bundle enable crypt-reqd
#
mpd.links
#
pptp:
set link type pptp
set pptp self 1.2.3.4
set pptp enable incoming
set pptp disable originate
#
And a log of a session.
Multi-link PPP for FreeBSD, by Archie L. Cobbs.
Based on iij-ppp, by Toshiharu OHNO.
mpd: pid 169, version 3.10 (root@mpd.host.com22:36 29-Jan-2003)
[pptp] ppp node is "mpd169-pptp"
mpd: local IP address for PPTP is 1.2.3.4
[pptp] using interface ng0
[pptp:pptp] mpd: PPTP connection from a.b.c.d:17670
pptp0: attached to connection with a.b.c.d:17670
[pptp] IFACE: Open event
[pptp] IPCP: Open event
[pptp] IPCP: state change Initial --> Starting
[pptp] IPCP: LayerStart
[pptp] IPCP: Open event
[pptp] bundle: OPEN event in state CLOSED
[pptp] opening link "pptp"...
[pptp] link: OPEN event
[pptp] LCP: Open event
[pptp] LCP: state change Initial --> Starting
[pptp] LCP: LayerStart
[pptp] device: OPEN event in state DOWN
[pptp] attaching to peer's outgoing call
[pptp] device is now in state OPENING
[pptp] device: UP event in state OPENING
[pptp] device is now in state UP
[pptp] link: UP event
[pptp] link: origination is remote
[pptp] LCP: Up event
[pptp] LCP: state change Starting --> Req-Sent
[pptp] LCP: phase shift DEAD --> ESTABLISH
[pptp] LCP: SendConfigReq #1
ACFCOMP
PROTOCOMP
MRU 1500
MAGICNUM 23d72d4b
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 02 b3 a1 52 12
pptp0-0: ignoring SetLinkInfo
[pptp] LCP: rec'd Configure Request #0 link 0 (Req-Sent)
MAGICNUM 163850eb
PROTOCOMP
ACFCOMP
CALLBACK
Not supported
MP MRRU 1614
ENDPOINTDISC [LOCAL] 50 76 8d a8 cd ea 4b 1f 9b 45 e2 43 ea 8b 68 14 00 00 00 01
[pptp] LCP: SendConfigRej #0
CALLBACK
[pptp] LCP: rec'd Configure Reject #1 link 0 (Req-Sent)
MP SHORTSEQ
[pptp] LCP: SendConfigReq #2
ACFCOMP
PROTOCOMP
MRU 1500
MAGICNUM 23d72d4b
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
ENDPOINTDISC [802.1] 00 02 b3 a1 52 12
[pptp] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
MAGICNUM 163850eb
PROTOCOMP
ACFCOMP
MP MRRU 1614
ENDPOINTDISC [LOCAL] 50 76 8d a8 cd ea 4b 1f 9b 45 e2 43 ea 8b 68 14 00 00 00 01
[pptp] LCP: SendConfigNak #1
MP MRRU 1600
[pptp] LCP: rec'd Configure Ack #2 link 0 (Req-Sent)
ACFCOMP
PROTOCOMP
MRU 1500
MAGICNUM 23d72d4b
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
ENDPOINTDISC [802.1] 00 02 b3 a1 52 12
[pptp] LCP: state change Req-Sent --> Ack-Rcvd
[pptp] LCP: rec'd Configure Request #2 link 0 (Ack-Rcvd)
MAGICNUM 163850eb
PROTOCOMP
ACFCOMP
MP MRRU 1600
ENDPOINTDISC [LOCAL] 50 76 8d a8 cd ea 4b 1f 9b 45 e2 43 ea 8b 68 14 00 00 00 01
[pptp] LCP: SendConfigAck #2
MAGICNUM 163850eb
PROTOCOMP
ACFCOMP
MP MRRU 1600
ENDPOINTDISC [LOCAL] 50 76 8d a8 cd ea 4b 1f 9b 45 e2 43 ea 8b 68 14 00 00 00 01
[pptp] LCP: state change Ack-Rcvd --> Opened
[pptp] LCP: phase shift ESTABLISH --> AUTHENTICATE
[pptp] LCP: auth: peer wants nothing, I want CHAP
[pptp] CHAP: sending CHALLENGE
[pptp] LCP: LayerUp
[pptp] LCP: rec'd Ident #3 link 0 (Opened)
MESG: MSRASV5.00
[pptp] LCP: rec'd Ident #4 link 0 (Opened)
MESG: MSRAS-1-MET5326
[pptp] CHAP: rec'd RESPONSE #1
Name: "john"
Peer name: "john"
Response is valid
[pptp] CHAP: sending SUCCESS
[pptp] LCP: authorization successful
[pptp] LCP: phase shift AUTHENTICATE --> NETWORK
[pptp] up: 1 link, total bandwidth 64000 bps
[pptp] IPCP: Up event
[pptp] IPCP: state change Starting --> Req-Sent
[pptp] IPCP: SendConfigReq #1
IPADDR 172.16.105.80
COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[pptp] CCP: Open event
[pptp] CCP: state change Initial --> Starting
[pptp] CCP: LayerStart
[pptp] CCP: Up event
[pptp] CCP: state change Starting --> Req-Sent
[pptp] CCP: SendConfigReq #1
MPPC
0x01000060: MPPE, 40 bit, 128 bit, stateless
pptp0-0: ignoring SetLinkInfo
[pptp] CCP: rec'd Configure Request #5 link 0 (Req-Sent)
MPPC
0x010000e1: MPPC MPPE, 40 bit, 56 bit, 128 bit, stateless
[pptp] CCP: SendConfigNak #5
MPPC
0x01000040: MPPE, 128 bit, stateless
[pptp] IPCP: rec'd Configure Request #6 link 0 (Req-Sent)
IPADDR 0.0.0.0
NAKing with 172.16.105.75
PRIDNS 0.0.0.0
NAKing with 172.16.105.67
SECDNS 0.0.0.0
SECNBNS 0.0.0.0
[pptp] IPCP: SendConfigRej #6
SECDNS 0.0.0.0
SECNBNS 0.0.0.0
[pptp] IPCP: rec'd Configure Reject #1 link 0 (Req-Sent)
COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[pptp] IPCP: SendConfigReq #2
IPADDR 172.16.105.80
[pptp] CCP: rec'd Configure Nak #1 link 0 (Req-Sent)
MPPC
0x01000040: MPPE, 128 bit, stateless
[pptp] CCP: SendConfigReq #2
MPPC
0x01000040: MPPE, 128 bit, stateless
[pptp] CCP: rec'd Configure Request #7 link 0 (Req-Sent)
MPPC
0x01000040: MPPE, 128 bit, stateless
[pptp] CCP: SendConfigAck #7
MPPC
0x01000040: MPPE, 128 bit, stateless
[pptp] CCP: state change Req-Sent --> Ack-Sent
[pptp] IPCP: rec'd Configure Request #8 link 0 (Req-Sent)
IPADDR 0.0.0.0
NAKing with 172.16.105.75
PRIDNS 0.0.0.0
NAKing with 172.16.105.67
[pptp] IPCP: SendConfigNak #8
IPADDR 172.16.105.75
PRIDNS 172.16.105.67
[pptp] IPCP: rec'd Configure Ack #2 link 0 (Req-Sent)
IPADDR 172.16.105.80
[pptp] IPCP: state change Req-Sent --> Ack-Rcvd
[pptp] CCP: rec'd Configure Ack #2 link 0 (Ack-Sent)
MPPC
0x01000040: MPPE, 128 bit, stateless
[pptp] CCP: state change Ack-Sent --> Opened
[pptp] CCP: LayerUp
Compress using: MPPE, 128 bit, stateless
Decompress using: MPPE, 128 bit, stateless
[pptp] IPCP: rec'd Configure Request #9 link 0 (Ack-Rcvd)
IPADDR 172.16.105.75
172.16.105.75 is OK
PRIDNS 172.16.105.67
[pptp] IPCP: SendConfigAck #9
IPADDR 172.16.105.75
PRIDNS 172.16.105.67
[pptp] IPCP: state change Ack-Rcvd --> Opened
[pptp] IPCP: LayerUp
172.16.105.80 -> 172.16.105.75
[pptp] IFACE: Up event
[pptp] exec: /sbin/ifconfig ng0 172.16.105.80 172.16.105.75 netmask 0xffffffff -link0
[pptp] exec: /usr/sbin/arp -s 172.16.105.75 0:6:5b:77:46:26 pub
[pptp] exec: 1350 ng0 inet 172.16.105.80 172.16.105.75 john
[pptp] exec: command returned 32512
[pptp] IFACE: Up event
pptp0-0: ignoring SetLinkInfo
[pptp] LCP: rec'd Terminate Request #10 link 0 (Opened)
[pptp] LCP: state change Opened --> Stopping
[pptp] LCP: phase shift NETWORK --> TERMINATE
[pptp] up: 0 links, total bandwidth 9600 bps
[pptp] IPCP: Down event
[pptp] IPCP: state change Opened --> Starting
[pptp] IPCP: LayerDown
[pptp] IFACE: Down event
[pptp] exec: /usr/sbin/arp -d 172.16.105.75
[pptp] exec: /sbin/ifconfig ng0 down delete -link0
[pptp] CCP: Down event
[pptp] CCP: state change Opened --> Starting
[pptp] CCP: LayerDown
[pptp] CCP: Close event
[pptp] CCP: state change Starting --> Initial
[pptp] CCP: LayerFinish
[pptp] LCP: SendTerminateAck #3
[pptp] LCP: LayerDown
[pptp] rec'd proto IP during terminate phase
[pptp] LCP: rec'd Terminate Request #11 link 0 (Stopping)
[pptp] LCP: SendTerminateAck #4
[pptp] LCP: state change Stopping --> Stopped
[pptp] LCP: phase shift TERMINATE --> ESTABLISH
[pptp] LCP: LayerFinish
[pptp] device: CLOSE event in state UP
pptp0-0: clearing call
pptp0-0: killing channel
[pptp] PPTP call terminated
[pptp] IFACE: Close event
[pptp] IPCP: Close event
[pptp] IPCP: state change Starting --> Initial
[pptp] IPCP: LayerFinish
[pptp] IFACE: Close event
pptp0: closing connection with a.b.c.d:17670
[pptp] IFACE: Close event
[pptp] device is now in state CLOSING
[pptp] bundle: CLOSE event in state OPENED
[pptp] closing link "pptp"...
[pptp] device: DOWN event in state CLOSING
[pptp] device is now in state DOWN
[pptp] link: CLOSE event
[pptp] LCP: Close event
[pptp] LCP: state change Stopped --> Closed
[pptp] device: DOWN event in state DOWN
[pptp] device is now in state DOWN
[pptp] link: DOWN event
[pptp] LCP: Down event
[pptp] LCP: state change Closed --> Initial
[pptp] LCP: phase shift ESTABLISH --> DEAD
[pptp] link: DOWN event
[pptp] LCP: Down event
pptp0: killing connection with a.b.c.d:17670
[pptp] IPCP: Down event
[pptp] IFACE: Close event
mpd: process 169 terminated
Any suggestions are greatly appreciated as I have a bunch people who want access from warm comfy home, and if I give them access this way
they will all moan about it being to slow :)
Thanks, John.
__________________________________________________________
Get your FREE personalized e-mail at http://www.canada.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030131075400.28070.h011.c009.wm>