Trouble with openvpn?

Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
31 posts Page 2 of 4
by artakamoose » Wed May 31, 2023 8:37 am
elmatador wrote:I've also tried the beta and agree with you. The vpn is hosed. Maybe Dane wants us gone, we're not worth the hassle anymore. A shame, been with Sonic a long time, before the FTTN product came out.
I think it's much much much more likely that this is due to the massive increase in subscribers than wanting you gone. Since fiber rolled out in my neighborhood there's been a non-stop parade of Sonic trucks on my street. It's a fairly dense neighborhood with several large apartment complexes. It's very likely that the VPN resources are getting hammered and they just guessed incorrectly about what the increase in usage would look like. Hopefully, they upgrade the service. It's really awesome they offer this, and I love being able to use it in when I'm on public wifi.
by kgc » Wed May 31, 2023 6:16 pm
Whatever is going on, it's not the VPN cluster that's the problem.

Using the OpenVPN Connect client on desktop at home via ~1G Xfinity service (the only viable service available at my home) I'm able to go over 100Mbits. https://www.speedtest.net/result/14808693509
Kelsey Cummings
System Architect, Sonic.net, Inc.
by js9erfan » Wed May 31, 2023 7:40 pm
No issues here either over my Comcast 400 Mbps plan though I did change the cipher to aes-256-gcm over cbc.... Certainly beats my Digital Ocean ovpn droplet 8-)

ovpn.sonic.net:
Screenshot 2023-05-31 192210.jpg
Screenshot 2023-05-31 192210.jpg (46.95 KiB) Viewed 625 times
Digital Ocean:
Screenshot 2023-05-31 192245.jpg
Screenshot 2023-05-31 192245.jpg (50.04 KiB) Viewed 625 times
by dkirker » Thu Jun 01, 2023 12:11 am
Things seem to have returned to normal right now. I'll keep an eye on it and see what it does again in the morning.
by tomoc » Thu Jun 01, 2023 4:40 pm
We're hoping you can help us to determine whether this is an issue with all traffic from AT&T to Sonic, or something else. Pleas do the following the next time you are experiencing an issue like this for an extended period (at least 5-10 minutes). Run the speed test at https://www.sonic.com/speedtest with your Sonic VPN connection active, then run one without. If you see speed issues in BOTH cases, please also provide a traceroute to speedtest.sonic.net if you are able, as well as the subnet your connection is coming from (just the /24, not your individual address).

Thank you for helping us track this down
Tomoc
Sonic NOC
by dkirker » Thu Jun 01, 2023 9:50 pm
I'm glad to see that it is being looked at! I appear to be experiencing it again this evening. I'll run those tests for you.
by dkirker » Thu Jun 01, 2023 10:23 pm
The speedtest from the Sonic VPN: https://sonic.speedtestcustom.com/resul ... f55041445c
Subnet: 192.184.191.0/24

Code: Select all

dkirker@flying-toaster:~$ traceroute speedtest.sonic.net
traceroute to speedtest.sonic.net (157.131.0.37), 30 hops max, 60 byte packets
 1  atlas.snvaca01.openmobl.com (10.0.8.1)  0.334 ms  0.400 ms  0.453 ms
 2  192-184-191-129.static.sonic.net (192.184.191.129)  29.937 ms  30.483 ms  31.230 ms
 3  0.irb.378.access6-8.snrtcamn.sonic.net (157.131.224.195)  292.569 ms  292.774 ms  292.954 ms
 4  * 0.ae0.cr2.snjsca11.sonic.net (50.0.79.157)  54.602 ms *
 5  0.et-0-0-52.cr2.snrtcamn.sonic.net (75.101.36.41)  52.353 ms  52.543 ms 0.et-0-0-53.cr2.snrtcamn.sonic.net (70.36.205.69)  52.078 ms
 6  0.ae1.cr4.snrtcamn.sonic.net (192.184.185.189)  43.324 ms  34.788 ms  34.899 ms
 7  0.ae2.cr2.ptlmca01.sonic.net (192.184.185.177)  31.957 ms  40.626 ms  40.545 ms
 8  0.ae1.cr3.snrfca01.sonic.net (23.93.52.254)  43.363 ms  43.589 ms  43.725 ms
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  0.ae0.cs1.equinix-sj.sonic.net (157.131.209.198)  46.683 ms  57.176 ms  57.252 ms
15  0.xe-0-0-40.vm-dist1-1.equinix-sj.sonic.net (157.131.208.182)  43.410 ms  43.543 ms  43.709 ms
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
And the speedtest from just on AT&T: https://sonic.speedtestcustom.com/resul ... c5a2b0dec8
Subnet: 75.25.120.0/24

Code: Select all

dkirker@flying-toaster:~$ traceroute speedtest.sonic.net
traceroute to speedtest.sonic.net (157.131.0.37), 30 hops max, 60 byte packets
 1  homeportal (192.168.1.254)  0.560 ms  1.007 ms  1.408 ms
 2  75-25-120-1.lightspeed.snvaca.sbcglobal.net (75.25.120.1)  22.282 ms  22.588 ms  23.140 ms
 3  71.148.148.25 (71.148.148.25)  24.474 ms  24.453 ms  24.848 ms
 4  12.242.117.22 (12.242.117.22)  29.111 ms  29.085 ms  29.380 ms
 5  192.205.32.90 (192.205.32.90)  30.165 ms  30.606 ms  30.884 ms
 6  be2431.ccr31.sjc04.atlas.cogentco.com (154.54.88.190)  32.148 ms  25.012 ms  25.498 ms
 7  38.104.141.82 (38.104.141.82)  27.307 ms  27.304 ms  26.359 ms
 8  102.ae1.cr1.pao1.sonic.net (70.36.205.5)  71.011 ms  70.908 ms  70.823 ms
 9  * * *
10  0.ae0.cs1.equinix-sj.sonic.net (157.131.209.198)  200.527 ms  200.478 ms 0.ae0.cs2.equinix-sj.sonic.net (157.131.209.206)  47.467 ms
11  0.xe-0-0-40.vm-dist1-2.equinix-sj.sonic.net (157.131.210.30)  43.016 ms 0.xe-0-0-40.vm-dist1-1.equinix-sj.sonic.net (157.131.208.182)  44.925 ms  44.877 ms
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
And for kicks, this is through just AT&T with the Sonic VPN completely disconnected (so nothing is sharing the pipe): https://sonic.speedtestcustom.com/resul ... bcebaecc5e
Subnet: 75.25.120.0/24

Code: Select all

dkirker@flying-toaster:~$ traceroute speedtest.sonic.net
traceroute to speedtest.sonic.net (157.131.0.37), 30 hops max, 60 byte packets
 1  api.home (192.168.1.254)  1.088 ms  1.376 ms  1.350 ms
 2  75-25-120-1.lightspeed.snvaca.sbcglobal.net (75.25.120.1)  22.131 ms  22.690 ms  24.102 ms
 3  71.148.148.25 (71.148.148.25)  24.082 ms  24.314 ms  25.017 ms
 4  12.242.117.22 (12.242.117.22)  27.916 ms  29.092 ms  29.072 ms
 5  192.205.32.90 (192.205.32.90)  30.474 ms  30.455 ms  30.841 ms
 6  be2431.ccr31.sjc04.atlas.cogentco.com (154.54.88.190)  32.486 ms  30.292 ms  30.892 ms
 7  38.104.141.82 (38.104.141.82)  31.941 ms *  26.248 ms
 8  102.ae1.cr1.pao1.sonic.net (70.36.205.5)  66.089 ms  66.022 ms  33.202 ms
 9  * * *
10  0.ae0.cs2.equinix-sj.sonic.net (157.131.209.206)  48.136 ms  48.102 ms 0.ae0.cs1.equinix-sj.sonic.net (157.131.209.198)  41.471 ms
11  0.xe-0-0-40.vm-dist1-1.equinix-sj.sonic.net (157.131.208.182)  47.660 ms 0.xe-0-0-40.vm-dist1-2.equinix-sj.sonic.net (157.131.210.30)  50.650 ms 0.xe-0-0-40.vm-dist1-1.equinix-sj.sonic.net (157.131.208.182)  47.539 ms
12  * * *
<trunc>
30  * * *
dkirker@flying-toaster:~$ traceroute speedtest.sonic.net
traceroute to speedtest.sonic.net (157.131.0.37), 30 hops max, 60 byte packets
 1  api.home (192.168.1.254)  0.831 ms  1.009 ms  1.255 ms
 2  75-25-120-1.lightspeed.snvaca.sbcglobal.net (75.25.120.1)  187.711 ms  187.691 ms  187.935 ms
 3  71.148.148.25 (71.148.148.25)  187.915 ms  188.192 ms  188.448 ms
 4  12.242.117.22 (12.242.117.22)  190.816 ms  192.817 ms  194.105 ms
 5  192.205.32.90 (192.205.32.90)  193.261 ms  193.240 ms  193.817 ms
 6  be2431.ccr31.sjc04.atlas.cogentco.com (154.54.88.190)  194.676 ms  193.252 ms  193.573 ms
 7  * 38.104.141.82 (38.104.141.82)  193.456 ms  193.836 ms
 8  102.ae1.cr1.pao1.sonic.net (70.36.205.5)  199.393 ms  199.336 ms  199.629 ms
 9  * * *
10  0.ae0.cs2.equinix-sj.sonic.net (157.131.209.206)  673.087 ms  673.031 ms 0.ae0.cs1.equinix-sj.sonic.net (157.131.209.198)  213.991 ms
11  0.xe-0-0-40.vm-dist1-1.equinix-sj.sonic.net (157.131.208.182)  205.914 ms  205.880 ms 0.xe-0-0-40.vm-dist1-2.equinix-sj.sonic.net (157.131.210.30)  215.225 ms
12  * * *
13  * * *
<trunc>
30  * * *
dkirker@flying-toaster:~$ traceroute speedtest.sonic.net
traceroute to speedtest.sonic.net (157.131.0.37), 30 hops max, 60 byte packets
 1  igateway (192.168.1.254)  0.796 ms  1.113 ms  1.349 ms
 2  75-25-120-1.lightspeed.snvaca.sbcglobal.net (75.25.120.1)  22.545 ms  22.525 ms  22.946 ms
 3  71.148.148.25 (71.148.148.25)  23.622 ms  25.443 ms  25.423 ms
 4  12.242.117.22 (12.242.117.22)  28.461 ms  28.442 ms  28.423 ms
 5  192.205.32.90 (192.205.32.90)  29.930 ms  30.887 ms  30.868 ms
 6  be2431.ccr31.sjc04.atlas.cogentco.com (154.54.88.190)  32.146 ms  30.645 ms  31.028 ms
 7  38.104.141.82 (38.104.141.82)  84.851 ms  63.259 ms  63.216 ms
 8  102.ae1.cr1.pao1.sonic.net (70.36.205.5)  30.845 ms  30.801 ms  26.957 ms
 9  * * *
10  0.ae0.cs1.equinix-sj.sonic.net (157.131.209.198)  42.970 ms  42.939 ms  43.230 ms
11  0.xe-0-0-40.vm-dist1-2.equinix-sj.sonic.net (157.131.210.30)  46.942 ms  63.408 ms 0.xe-0-0-40.vm-dist1-1.equinix-sj.sonic.net (157.131.208.182)  35.975 ms
12  * * *
<trunc>
30  * * *
by virtualmike » Sun Jun 04, 2023 10:36 pm
kgc wrote:Whatever is going on, it's not the VPN cluster that's the problem.
But there might be some issues at one or more of the interchanges. I'm currently in southern Oregon, on a 300/12 Mbps Spectrum connection. At speedtest.sonic.net I get 260/12 Mbps without VPN, and 41/11 with VPN.

I'm using OpenVPN Connect 3.3.7 (2979) with the profile provided by Sonic.
by elmatador » Mon Jun 05, 2023 1:16 pm
I sent Tomoc my trace routes via private message but for the rest of the board:

As noted in my original post that started this thread. I had no internet connectivity unless I DID use the sonic vpn.

Currently I have full speed connectivity through AT&T(FTTN) with the vpn off and they route traffic to a local speedtest.net site in Socal(22.93Mbps) and changing the server to Pigs Can Fly in San Francisco(22.96Mbps).

With vpn off and using sonic.com/speedtes I get 4.5Mbs
With vpn on and using sonic.com/speedtest I get 3.3Mbs
by tomoc » Mon Jun 05, 2023 5:54 pm
For now, we're tackling one problem at a time. We have routed all outbound traffic towards AT&T (AS7018) away from the transit provider we believe to be saturated. We have a ticket open with them as well and have provided ping/traceroute data showing the latency/loss. As we are not direct AT&T customers, it is difficult to request that they re-route their outbound traffic towards us. Although it's a long shot, it may be worth reporting this problem to AT&T as well, as they do have the ability to migrate traffic off of the congested links.
Tomoc
Sonic NOC
31 posts Page 2 of 4

Who is online

In total there are 32 users online :: 1 registered, 0 hidden and 31 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: Google [Bot] and 31 guests