L2TP and TCP throughput

L2TP related questions
Post Reply
Posts: 36
Joined: 10 Jun 2019, 20:42

L2TP and TCP throughput

Post by tj-19 »

Hi Everyone,

I'm hoping someone can guide me in resolving what seems to be a Buffer-bloat issue. I've been using tools such as 'https://devina.io/speed-test and have observed that TCP traffic through the L2TP tunnel, especially when loading websites, exhibits noticeable lag. Additionally, there have been complaints about gaming latency. Indeed, I've noted that the latency for both active downloads and uploads suddenly spikes to around 50 ms over the normal latency.

I've double-checked all the usual configurations in the sysctl related to TCP congestion, wmem, and rmem buffers, but nothing seems to make a difference. I've reset the receive buffer in accel-ppp back to recv-window=16 and have switched the congestion control from Highspeed to BBR. Despite these changes, the issue persists.

Subsequently, I created an OpenVPN tunnel directly to the LNS from my PC over the same L2TP path, and the performance significantly improved. This suggests a potential misconfiguration with accel-ppp. I've applied all the optimisations mentioned in the instructions. One thing I've noticed is the delay when loading web pages, text loads instantly and pictures slowly. Initially, I considered MTU/MRU issues and therefore disabled the defaults in the accel-ppp config file, setting ppp-max-mtu=1500 as the MTU supported over L2TP.

I then conducted the following check on my test L2TP interface l2tp00, focusing on the MSS parts:

tcpdump -i l2tp00 'tcp[tcpflags] & (tcp-syn) != 0' -v

(correct), seq 2542791277, win 65535, options [mss 1460, sackOK, TS val 4103031204 ecr 0, nop, wscale 9]
(correct), seq 3348753918, win 64240, options [mss 1360, sackOK, TS val 3197502156 ecr 0, nop, wscale 7]

These results seem accurate, yet the performance issue persists, especially when loading websites. I've confirmed this on various devices via both LAN and wireless connections to the same router, all utilising the same L2TP connection. Additionally, I've replaced the router to confirm it was not the source of the problem.

I then shifted focus to the TC part and adjusted it accordingly for testing, aiming to reduce the latency for small packets such as ACKs when the bandwidth of the L2TP session is not known.

The speed information does not appear to be received with each session. If it were, would it be advisable to set up a shaper? If so, how could the shaper be adjusted according to the upload/download speed of each L2TP session?

tc qdisc del dev l2tp00 root

tc qdisc add dev l2tp00 root cake autorate-ingress nat

I would be grateful for any input.
Posts: 866
Joined: 13 Oct 2014, 05:51

Re: L2TP and TCP throughput

Post by dimka88 »

Hi, @tj-19.

To be honest you can not set mtu to 1500 for L2TP, because you can not garantee path between L2TP server and client. So you have to use clamping TCP MSS.
Also, I think you configure firewall for ICMP messages, that can broke network windows packets size and you will see this issue.
Post Reply