AKZN Notes

Archives for My Lazy and Forgetful Mind

Limit OpenVPN Client Bandwidth

How to Limit Client Bandwidth in OpenVPN

OpenVPN is a popular open-source VPN protocol that allows users to connect securely to a remote network. While OpenVPN is designed to provide fast and reliable connectivity, it can be useful to limit client bandwidth to prevent congestion and ensure fair usage for all users.

There are two ways to limit client bandwidth in OpenVPN: limiting outgoing traffic from the server to clients, and limiting incoming traffic from clients to the server.

limit outgoing traffic

Limiting outgoing traffic from the server to clients can be done by adding the shaper option to the server configuration file. Here's an example configuration file that limits each client to 1 Mbps of outgoing traffic:

dev tun
proto udp
port 1194
ca ca.crt
cert server.crt
key server.key
dh dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
max-clients 10
persist-key
persist-tun
status openvpn-status.log
verb 3
shaper 1000000

The shaper option sets the maximum bandwidth for each client in bytes per second. In the example above, 1000000 bytes per second is equivalent to 1 Mbps. Note that the --shaper option requires root privileges to run, so you may need to run OpenVPN as a privileged user or use a tool like sudo to start the OpenVPN server.

limit incoming traffic

Limiting incoming traffic from clients to the server can be done by adding the tc-queue-limit option to the server configuration file. Here's an example configuration file that limits both incoming and outgoing traffic for OpenVPN clients:

dev tun
proto udp
port 1194
ca ca.crt
cert server.crt
key server.key
dh dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
max-clients 10
persist-key
persist-tun
status openvpn-status.log
verb 3
shaper 1000000
tc-queue-limit 1000000

In the example above, the tc-queue-limit option sets the maximum amount of incoming traffic that can be queued for each client to 1000000 bytes. This value is also set to 1000000 bytes for the shaper option, which limits the outgoing traffic. Note that the tc-queue-limit option requires the tc command-line tool to be installed on the OpenVPN server.

Once you have added the bandwidth limits to the OpenVPN server configuration file, the limits will apply to all clients that connect to the server. Clients do not need to have any special configuration to be subject to the bandwidth limits.

In conclusion, limiting client bandwidth in OpenVPN can help ensure fair usage and prevent congestion on the network. By using the shaper and tc-queue-limit options in the OpenVPN server configuration file, you can easily set bandwidth limits for all clients that connect to the server.

Leave a Reply

Your email address will not be published.