From owner-freebsd-net Fri Nov 22 7:52:43 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DFA0F37B401 for ; Fri, 22 Nov 2002 07:52:38 -0800 (PST) Received: from cluttered.com (w024.z064002058.sjc-ca.dsl.cnc.net [64.2.58.24]) by mx1.FreeBSD.org (Postfix) with ESMTP id 66F5E43E91 for ; Fri, 22 Nov 2002 07:52:38 -0800 (PST) (envelope-from jsd@cluttered.com) Received: from boombox.cluttered.com (dhcp26 [10.10.10.26]) by cluttered.com (Postfix) with ESMTP id 5E7D51D104 for ; Fri, 22 Nov 2002 07:52:39 -0800 (PST) Message-Id: <5.1.0.14.2.20021122074425.00baf340@mail.cluttered.com> X-Sender: jsd@mail.cluttered.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Fri, 22 Nov 2002 07:52:35 -0800 To: freebsd-net@freebsd.org From: Jon Drukman Subject: mpd - vpn to windows server - very slow Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org i'm using mpd to connect to my work's VPN, running some form of windows vpn server. unfortunately performance is really miserable. it seems to work fine for tiny transmissions (1K or less) but anything over that stutters, and if it's a big data dump (like scp'ing a 30K file or receiving email with a 15K attachment) it just stalls completely. here is my mpd.conf: default: load work work: new -i ng0 ms-pptp work set log +pptp +pptp2 +pptp3 +lcp +auth set ipcp ranges 0.0.0.0/0 0.0.0.0/0 set ipcp yes vjcomp set link disable chap pap set link accept chap set link yes acfcomp protocomp set iface idle 0 set bundle disable multilink set link enable no-orig-auth set link keep-alive 10 75 set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp no mpp-stateless set iface route 10.16.0.0/16 set iface route 10.17.0.0/16 set iface route 10.20.0.0/16 set bundle authname "cnet\\jdrukman" set bundle password "xxx set iface disable on-demand set link max-redial 1 open iface and mpd.links: work: set link type pptp set pptp self 64.2.58.24 set pptp peer client-vpn-sf.cnet.com set pptp enable originate outcall here is the output from "# mpd work" pptp0: connected to 206.16.4.253:1723 pptp0: attached to connection with 206.16.4.253:1723 pptp0-0: outgoing call connected at 64000 bps [work] PPTP call successful [work] device: UP event in state OPENING [work] device is now in state UP [work] link: UP event [work] link: origination is local [work] LCP: Up event [work] LCP: state change Starting --> Req-Sent [work] LCP: phase shift DEAD --> ESTABLISH [work] LCP: SendConfigReq #1 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM dd3c81c0 [work] LCP: SendConfigReq #2 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM dd3c81c0 [work] LCP: rec'd Configure Ack #2 link 0 (Req-Sent) ACFCOMP PROTOCOMP MRU 1500 MAGICNUM dd3c81c0 [work] LCP: state change Req-Sent --> Ack-Rcvd [work] LCP: rec'd Configure Request #212 link 0 (Ack-Rcvd) MRU 1500 ACCMAP 0x000a0000 AUTHPROTO CHAP MSOFTv2 MAGICNUM 24ac06cc PROTOCOMP ACFCOMP [work] LCP: SendConfigAck #212 MRU 1500 ACCMAP 0x000a0000 AUTHPROTO CHAP MSOFTv2 MAGICNUM 24ac06cc PROTOCOMP ACFCOMP [work] LCP: state change Ack-Rcvd --> Opened [work] LCP: phase shift ESTABLISH --> AUTHENTICATE [work] LCP: auth: peer wants CHAP, I want nothing [work] LCP: LayerUp [work] CHAP: rec'd CHALLENGE #2 Name: "10.16.102.5" Using authname "cnet\jdrukman" [work] CHAP: sending RESPONSE [work] LCP: rec'd Configure Request #197 link 0 (Opened) MRU 1500 ACCMAP 0x000a0000 AUTHPROTO CHAP MSOFT MAGICNUM 29138139 PROTOCOMP ACFCOMP [work] LCP: LayerDown [work] LCP: SendConfigReq #3 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM dd3c81c0 [work] LCP: SendConfigAck #197 MRU 1500 ACCMAP 0x000a0000 AUTHPROTO CHAP MSOFT MAGICNUM 29138139 PROTOCOMP ACFCOMP [work] LCP: state change Opened --> Ack-Sent [work] LCP: phase shift AUTHENTICATE --> ESTABLISH [work] LCP: rec'd Configure Ack #3 link 0 (Ack-Sent) ACFCOMP PROTOCOMP MRU 1500 MAGICNUM dd3c81c0 [work] LCP: state change Ack-Sent --> Opened [work] LCP: phase shift ESTABLISH --> AUTHENTICATE [work] LCP: auth: peer wants CHAP, I want nothing [work] LCP: LayerUp [work] CHAP: rec'd CHALLENGE #2 Name: "10.16.102.5" Using authname "cnet\jdrukman" [work] CHAP: sending RESPONSE [work] CHAP: rec'd SUCCESS #2 MESG: CHAP authentication success, unit 80936072 [work] LCP: authorization successful [work] LCP: phase shift AUTHENTICATE --> NETWORK [ms-pptp] up: 1 link, total bandwidth 64000 bps [ms-pptp] IPCP: Up event [ms-pptp] IPCP: state change Starting --> Req-Sent [ms-pptp] IPCP: SendConfigReq #1 IPADDR 0.0.0.0 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid [ms-pptp] CCP: Open event [ms-pptp] CCP: state change Initial --> Starting [ms-pptp] CCP: LayerStart [ms-pptp] CCP: Up event [ms-pptp] CCP: state change Starting --> Req-Sent [ms-pptp] CCP: SendConfigReq #1 MPPC 0x00000020: MPPE, 40 bit [ms-pptp] IPCP: rec'd Configure Request #189 link 0 (Req-Sent) IPADDR 10.16.102.5 10.16.102.5 is OK COMPPROTO VJCOMP, 8 comp. channels, no comp-cid [ms-pptp] IPCP: SendConfigAck #189 IPADDR 10.16.102.5 COMPPROTO VJCOMP, 8 comp. channels, no comp-cid [ms-pptp] IPCP: state change Req-Sent --> Ack-Sent [ms-pptp] IPCP: rec'd Configure Nak #1 link 0 (Ack-Sent) IPADDR 10.16.102.72 10.16.102.72 is OK COMPPROTO VJCOMP, 8 comp. channels, no comp-cid Adjusting # compression channels [ms-pptp] IPCP: SendConfigReq #2 IPADDR 10.16.102.72 COMPPROTO VJCOMP, 8 comp. channels, no comp-cid [ms-pptp] CCP: rec'd Configure Request #10 link 0 (Req-Sent) MPPC 0x00000020: MPPE, 40 bit [ms-pptp] CCP: SendConfigAck #10 MPPC 0x00000020: MPPE, 40 bit [ms-pptp] CCP: state change Req-Sent --> Ack-Sent [ms-pptp] CCP: rec'd Configure Ack #1 link 0 (Ack-Sent) MPPC 0x00000020: MPPE, 40 bit [ms-pptp] CCP: state change Ack-Sent --> Opened [ms-pptp] CCP: LayerUp Compress using: MPPE, 40 bit Decompress using: MPPE, 40 bit [ms-pptp] IPCP: rec'd Configure Ack #2 link 0 (Ack-Sent) IPADDR 10.16.102.72 COMPPROTO VJCOMP, 8 comp. channels, no comp-cid [ms-pptp] IPCP: state change Ack-Sent --> Opened [ms-pptp] IPCP: LayerUp 10.16.102.72 -> 10.16.102.5 [ms-pptp] IFACE: Up event [ms-pptp] exec: /sbin/ifconfig ng0 10.16.102.72 10.16.102.5 netmask 0xffffffff -link0 [ms-pptp] exec: /sbin/route add 10.16.0.0 10.16.102.5 -netmask 0xffff0000 [ms-pptp] exec: /sbin/route add 10.17.0.0 10.16.102.5 -netmask 0xffff0000 [ms-pptp] exec: /sbin/route add 10.20.0.0 10.16.102.5 -netmask 0xffff0000 [ms-pptp] IFACE: Up event one thing i find interesting is it says "total bandwidth 64000" - i'm on dsl and i have way more than that (384Kbps up, 1.5Mbps down). is this something that is being negotiated between the vpn server & mpd? can i ask it to override that setting? the depressing thing is it works totally fine from a stock windows XP box so the people who run the vpn server are not interested in helping me figure this out. -jsd- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message