BeagleBone Black OpenVPN Performance

UPDATE (later that day…)

I re-ran the test, this time using the BBB as the server and the OpenVPN client was running in an Ubuntu VM on my Mac.  The two devices were connected directly via Ethernet.  As expected, the numbers are much better when they don’t travel across the world.

Too bad I couldn't get the hardware acceleration working... that might have prevented 100% CPU usage.
Too bad I couldn’t get the hardware acceleration working… that might have prevented 100% CPU usage.

And the bandwidth results:

Over OpenVPN:

iperf -c -t 20
Client connecting to, TCP port 5001
TCP window size: 21.8 KByte (default)
[  3] local port 58840 connected with port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-20.1 sec  79.2 MBytes  33.1 Mbits/sec

Over raw TCP. Interestingly, this was slower. However, I only ran the test once.

iperf -c -t 20
Client connecting to, TCP port 5001
TCP window size: 22.9 KByte (default)
[  3] local port 59179 connected with port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-20.1 sec  68.4 MBytes  28.6 Mbits/sec

Original Post follows

A visitor asked about OpenVPN performance on the BeagleBone Black (BBB).  It wasn’t too bad to set up OpenVPN on a server; I followed this tutorial. The test setup is as follows:

  • OpenVPN client: BBB, located in the middle of the United States
  • OpenVPN server: My Virtual Private Server, located in Europe

For various reasons I didn’t want to run the server on my local computer. I mention this because the measured bandwidth is not very impressive. However, the inquirer seemed more interested in CPU performance, so I think this test setup should be fine.

After I connect the client and server via the VPN, I ran iperf to gather the statistics. On the client, I used this clever script to capture CPU performance and prep the data for gnuplot. Gnuplot is one of those programs that I use once in blue-moon, so I’m posting the commands, mainly so I remember them next time 😉

set title "BeagleBone Black OpenVPN AES-128-CBC Performance"
set ylabel "Idle CPU (percent)"
set xlabel "Time (seconds)"
set terminal postscript eps
set output 'out.eps'
plot "openvpn.txt" using 1:2 title 'OpenVPN' with lines, "no_vpn.txt" using 1:2 title "No VPN" with lines

Anyway, here are the results. Continue reading “BeagleBone Black OpenVPN Performance”

It’s the end of the olympics as we know it… and I feel fine

How did you find out that Ryan Lochte took gold in the 400 meter IM over Michael Phelps yesterday?  Did you read about in your paper this morning?  Did you watch it on NBC’s evening broadcast?  Or did you find out via some sort of online media (hopefully not my blog… 🙂 )?

Hopefully, this will be the last olympics ever that subscribes to a traditional broadcast pattern of waiting until prime-time to deliver the highlights for the day.  Obviously, there are time-zone issues at play, but it appears that NBC is actively blocking streaming online unless one is a cable television subscriber (in the U.S.).  I don’t subscribe to cable TV and I don’t see the point of cable TV anymore.  For TV shows, I watch Hulu, for movies: Netflix and Redbox, for news, I read the Philadelphia Inquirer via my Kindle and read Hacker News.  The only thing I’m missing is sports and I was o.k. with a YouTube style ad at the beginning of an olympics bite, but no.

The model is broken. Instead of trying to cram the day’s events into a commercial infested prime time package, stream the events online so that all those dressage fans can watch their horse prance away to hip-hop.  Oh, wait, you’re living in the U.K., that service is available via the BBC.  The olympics are one of the last truly equalizing events around, so why are they closed-source?  Lets have an open olympics!

So here’s how to get around it 🙂  Instead of subscribing to cable, subscribe to a VPN.  See, the website is filtering the live streams based on your IP address, which is mapped to a geographical region and more specifically to an ISP.  With a VPN, your IP address appears to the world as the IP address at the end of the “VPN-tunnel,” so if you pick a VPN in the U.K., guess what, the website can’t tell the difference between a physical computer in the U.K. and your virtual one!  Game on!  This trick is equally useful when trying to buy books from (for a German based VPN host).

Of course there are other good reasons to have a VPN anyway, the main one being protection on open wifi hotspots.  The VPN will protect all traffic over the open (read public readable) hotspot and the ISP.  Of course, so will SSL, but even with SSL, it’s still possible to discover to whom you’re talking.  For extra protection, add Tor to the mix and check out this awesome interactive chart from the EFF on Tor and HTTPS benefits.

So, here’s to the future of watching the olympics!  Thanks to these other great posts on spreading the word.