Вопрос по работе штатного клиента OpenVPN

[AlexDem]

Как то странно работает 19.10 с OpenVPN сервером. Вроде сервер шустро работает, как только подключается, то скорость обмена с интеренет через него от 50 до 80 мбит. Но проходит какое то время, и скорость обмена данными начинает падать, и падает почти что до 1-2 мбит. Если переподключить - то работает какое то время нормально, потом опять.
С виндой и андроид такого счастья не наблюдаю. Где бы поковырять, чтобы понять проблему?

Лог клиента в спойлере, лог сервера тоже могу дать, если это что-то даст...

(Нажмите, чтобы показать/скрыть)

Mar 23 21:13:04 alex-All-Series NetworkManager[1304]: <info>  [1584987184.0211] audit: op="connection-activate" uuid="f7d0c96c-3c69-4f43-b949-f83c7ea515ea" name="OpenVPN" pid=2481 uid=1000 result="success"
Mar 23 21:13:04 alex-All-Series NetworkManager[1304]: <info>  [1584987184.0242] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",0]: Started the VPN service, PID 8450
Mar 23 21:13:04 alex-All-Series nm-openvpn[8453]: WARNING: file '/home/alex/OVPN/homepc.key' is group or others accessible
Mar 23 21:13:04 alex-All-Series NetworkManager[1304]: <info>  [1584987184.0294] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",0]: Saw the service appear; activating connection
Mar 23 21:13:04 alex-All-Series nm-openvpn[8453]: OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep  5 2019
Mar 23 21:13:04 alex-All-Series NetworkManager[1304]: <info>  [1584987184.0350] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",0]: VPN plugin: state changed: starting (3)
Mar 23 21:13:04 alex-All-Series nm-openvpn[8453]: library versions: OpenSSL 1.1.1c  28 May 2019, LZO 2.10
Mar 23 21:13:04 alex-All-Series NetworkManager[1304]: <info>  [1584987184.0350] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",0]: VPN connection: (ConnectInteractive) reply received
Mar 23 21:13:04 alex-All-Series nm-openvpn[8453]: WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Mar 23 21:13:04 alex-All-Series nm-openvpn[8453]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 23 21:13:04 alex-All-Series nm-openvpn[8453]: TCP/UDP: Preserving recently used remote address: [AF_INET]163.172.146.242:1194
Mar 23 21:13:04 alex-All-Series nm-openvpn[8453]: Attempting to establish TCP connection with [AF_INET]163.172.146.242:1194 [nonblock]
Mar 23 21:13:04 alex-All-Series nm-applet[2481]: gtk_widget_destroy: assertion 'GTK_IS_WIDGET (widget)' failed
Mar 23 21:13:04 alex-All-Series nm-applet[2481]: gtk_widget_destroy: assertion 'GTK_IS_WIDGET (widget)' failed
Mar 23 21:13:05 alex-All-Series nm-openvpn[8453]: TCP connection established with [AF_INET]163.172.146.242:1194
Mar 23 21:13:05 alex-All-Series nm-openvpn[8453]: TCP_CLIENT link local: (not bound)
Mar 23 21:13:05 alex-All-Series nm-openvpn[8453]: TCP_CLIENT link remote: [AF_INET]163.172.146.242:1194
Mar 23 21:13:05 alex-All-Series nm-openvpn[8453]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay
Mar 23 21:13:05 alex-All-Series nm-openvpn[8453]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Mar 23 21:13:05 alex-All-Series nm-openvpn[8453]: [server] Peer Connection Initiated with [AF_INET]163.172.146.242:1194
Mar 23 21:13:07 alex-All-Series nm-openvpn[8453]: TUN/TAP device tun0 opened
Mar 23 21:13:07 alex-All-Series nm-openvpn[8453]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --debug 0 8450 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_8 --tun -- tun0 1500 1559 10.100.0.6 10.100.0.5 init
Mar 23 21:13:07 alex-All-Series systemd-udevd[8465]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1681] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/6)
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1778] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",0]: VPN connection: (IP Config Get) reply received.
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1787] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: VPN connection: (IP4 Config Get) reply received
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1834] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: VPN connection: (IP6 Config Get) reply received
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1837] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data: VPN Gateway: 163.172.146.242
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1839] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data: Tunnel Device: "tun0"
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1840] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data: IPv4 configuration:
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1841] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Internal Gateway: 10.100.0.5
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Internal Address: 10.100.0.6
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Internal Prefix: 32
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Internal Point-to-Point Address: 10.100.0.5
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Static Route: 10.100.0.1/32   Next Hop: 10.100.0.5
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Static Route: 0.0.0.0/0   Next Hop: 10.100.0.5
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Static Route: 10.100.0.5/32   Next Hop: 0.0.0.0
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Internal DNS: 10.100.0.1
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   DNS Domain: '(none)'
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data: IPv6 configuration:
Mar 23 21:13:07 alex-All-Series nm-openvpn[8453]: chroot to '/var/lib/openvpn/chroot' and cd to '/' succeeded
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Internal Address: 2001:bc8:47a0:1e53::1000
Mar 23 21:13:07 alex-All-Series nm-openvpn[8453]: GID set to nm-openvpn
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Internal Prefix: 64
Mar 23 21:13:07 alex-All-Series nm-openvpn[8453]: UID set to nm-openvpn
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Internal Point-to-Point Address: 2001:bc8:47a0:1e53::1
Mar 23 21:13:07 alex-All-Series nm-openvpn[8453]: Initialization Sequence Completed
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Static Route: 2001:bc8:47a0:1e53::12/64   Next Hop: 2001:bc8:47a0:1e53::1
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1842] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Static Route: 2001::/3   Next Hop: 2001:bc8:47a0:1e53::1
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1843] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Static Route: ::/0   Next Hop: ::
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1843] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Static Route: 2001:bc8:47a0:1e53::1000/128   Next Hop: ::
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1843] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   Static Route: 2001:bc8:47a0:1e53::1/128   Next Hop: ::
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1843] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: Data:   DNS Domain: '(none)'
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1843] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: VPN plugin: state changed: started (4)
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1874] vpn-connection[0x555688f9c6f0,f7d0c96c-3c69-4f43-b949-f83c7ea515ea,"OpenVPN",6:(tun0)]: VPN connection: (IP Config Get) complete
Mar 23 21:13:07 alex-All-Series dbus-daemon[1051]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.32' (uid=0 pid=1304 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
Mar 23 21:13:07 alex-All-Series systemd[1]: Starting Network Manager Script Dispatcher Service...
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1946] device (tun0): state change: unmanaged -> unavailable (reason 'connection-assumed', sys-iface-state: 'external')
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1966] device (tun0): state change: unavailable -> disconnected (reason 'connection-assumed', sys-iface-state: 'external')
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1978] device (tun0): Activation: starting connection 'tun0' (e0f15af4-d710-43f2-a26a-c5ad4e3a37bf)
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1980] device (tun0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'external')
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1992] device (tun0): state change: prepare -> config (reason 'none', sys-iface-state: 'external')
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.1998] device (tun0): state change: config -> ip-config (reason 'none', sys-iface-state: 'external')
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.2002] device (tun0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'external')
Mar 23 21:13:07 alex-All-Series dbus-daemon[1051]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Mar 23 21:13:07 alex-All-Series systemd[1]: Started Network Manager Script Dispatcher Service.
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.2091] policy: set 'OpenVPN' (tun0) as default for IPv4 routing and DNS
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.2093] policy: set 'OpenVPN' (tun0) as default for IPv6 routing and DNS
Mar 23 21:13:07 alex-All-Series gsd-sharing[2253]: Failed to StopUnit service: GDBus.Error:org.freedesktop.systemd1.NoSuchUnit: Unit gnome-user-share-webdav.service not loaded.
Mar 23 21:13:07 alex-All-Series gsd-sharing[2253]: Failed to StopUnit service: GDBus.Error:org.freedesktop.systemd1.NoSuchUnit: Unit gnome-remote-desktop.service not loaded.
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.2229] device (tun0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'external')
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.2231] device (tun0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'external')
Mar 23 21:13:07 alex-All-Series NetworkManager[1304]: <info>  [1584987187.2242] device (tun0): Activation: successful, device activated.
Mar 23 21:13:07 alex-All-Series kdeconnectd.desktop[2479]: kdeconnect.core: Broadcasting identity packet
Mar 23 21:13:07 alex-All-Series kdeconnectd.desktop[2479]: kdeconnect.core: Broadcasting identity packet
Mar 23 21:13:07 alex-All-Series systemd-resolved[572]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
Mar 23 21:13:08 alex-All-Series systemd-resolved[572]: message repeated 4 times: [ Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.]
Mar 23 21:13:08 alex-All-Series goa-daemon[2435]: goa_ews_client_autodiscover() failed: 2 — Error resolving “autodiscover.outlook.live.com”: Name or service not known
Mar 23 21:13:17 alex-All-Series systemd-resolved[572]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
Mar 23 21:13:18 alex-All-Series systemd-resolved[572]: message repeated 4 times: [ Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.]
Mar 23 21:13:19 alex-All-Series systemd[1]: NetworkManager-dispatcher.service: Succeeded.

[AlexDem]

Кстати, заметил любопытную закономерность. Скорость интернета в сети каким то непостижимом для меня образом зависит от включения в конфиг сервера поддержки IPv6.
Вот эти строки:

Код: [Выделить]

server-ipv6 2001:bc8:47a0:1e53::/64
ifconfig-ipv6 2001:bc8:47a0:1e53::1 2001:bc8:47a0:1e53::2
И происходит непонятное. В домашней сети есть 2 устройства, Ubuntu и Android, c одинаковыми конфигами клиента OpenVPN.
Разница только в том, что Ubuntu подключена напрямую к роутеру Mikrotik, а Android по WiFi через Keenetic Giga III - подключенного в роутер по lan в режиме «Точка доступа/Ретранслятор». Так вот если указанные выше строки есть в конфиге сервера - то шустро работает Android девайс, скорость 80 мбит, но жутко тормозит интернет на Ubuntu до 1 мбит. Но если эти строки закомментить, то картина в точности наоборот, Android начинает тормозить, а Ubuntu летает. Я понимаю если бы устройства вели себя одинаково, но почему они реагируют вот так?

На Mikrotik поддержка IPv6 включена, но её отключение не меняют ничего.
И еще... Если отключить клиент OpenVPN на Ubuntu, а подключится к серверу через клиента роутера, т.е. весь трафик в сети пустить через OpenVPN, то даже с включенным на сервере IPv6 то на всех устройствах скорость связи отличная. Но я бы хотел оставить всетаки возможность на самих устройствах включать и выключать VPN, а не реализовывать это на уровне роутера.

IP addr

Код: [Выделить]

ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 54:a0:50:50:99:f6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.5/24 brd 192.168.1.255 scope global dynamic noprefixroute enp3s0
       valid_lft 302sec preferred_lft 302sec
    inet6 2a02:2168:80f3:1c00:9614:a490:cefe:8c8b/64 scope global dynamic noprefixroute
       valid_lft 2591972sec preferred_lft 604772sec
    inet6 fe80::ede3:382d:6b4a:33c6/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
8: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
    link/none
    inet 10.100.0.6 peer 10.100.0.5/32 brd 10.100.0.6 scope global noprefixroute tun0
       valid_lft forever preferred_lft forever
    inet6 2001:bc8:47a0:1e53::1000 peer 2001:bc8:47a0:1e53::1/64 scope global noprefixroute
       valid_lft forever preferred_lft forever


[AlexDem]

Сам спрашивал, сам отвечаю. Так и не понял, в чем там дело, поэтому просто отключил IPv6 сервера на уровне хостинга. Решение неизящное, т.к. причину проблемы я не нашел, но по крайней мере теперь все работает как надо на всех девайсах. Может потом разберусь что там было.