How to increase IPTV upload speed using OpenVPN

this tutorial will try to explain how to increase your upload speed, it will be very helpful to upload your local IPTV streams to your server.
With OpenVPN you can tunnel any IP subnetwork or virtual Ethernet adapter over a single UDP or TCP port, which will be secure and encrypted.
Below example will explain my scenario:
1- We have here there location, location 1 France , Location 2 UK-London , Location 3 UK-Bristol
2- Location 1: Dedicated server 64 bit (Debain 7) on France Bandwidth 250 MB
3- Location 2 : Ubuntu 14.04 , 64 bit server, 70 MB download & 10 MB upload
4- Location 3 : Ubuntu 14.04 , 64 bit server, 100 MB download & 20 MB upload

We are going to install OpenVPN server on location 1 and OpenVPN client on location 2 and 3. So basically we will have VPN tunnels between location 1, 2 and 3.
The VPN tunnel will have the same speed (download and upload) on our example the tunnel speed will something around 40MB – 55 MB download and upload speed.

How to install and set-up OpenVPN in Debian 7 (Wheezy) location 1
Make sure the Debian system is fully up to date
Verify if TUN support is enabled on the system
use the following one-liner to verify ifTUNsupport is enabled on the Debian system. if using a VPS (Virtual Private Server), some virtualization layers such asvServersandOpenVZrequire TUN to be enabled on/from the host machine.

also for this to work you need to have CONFIG_TUN enabled in the kernel
Install OpenVPN

Set-up Easy-RSA


Set-up default values in Easy-RSA

set-up default values for use by the scripts

export them

delete previously created certs

Generate the CA certificate

generate the CA certificate using thebuild-cascript

Generate the server certificate

generate VPN server certificate using thebuild-key-serverscript

  • Sign the certificate? [y/n]:y
  • 1 out of 1 certificate requests certified, commit? [y/n]y
Generate the Diffie-Hellman PEM certificate

generate the Diffie-Hellman PEM certificate using thebuild-dhscript

Generate client certificate
generate client certificate using thebuild-keyscript

  • Sign the certificate? [y/n]:y
  • 1 out of 1 certificate requests certified, commit? [y/n]y
Generate (HMAC)

generate secret Hash-based Message Authentication Code (HMAC) using

Deploy the certificates

copy the required certificates to the particular machine/device (server or client)

  • Thepublicca.crtcertificate is needed on all servers and clients
  • Theprivateca.keykey is secret and only needed on the key generating machine
  • A server needsserver.crt,dh2048.pem(public),server.keyandta.key(private)
  • A client needsclient.crt(public),client.keyandta.key(private)
Set-up certificates and keys on the server

place the certificates and keys on the server in the/etc/openvpn/certsdirectory.

Configure the OpenVPN server
set-upOpenVPN serverconfiguration file in/etc/openvpn/server.conf

Start the OpenVPN server
start theOpenVPN serverand add enable it to run on system's start-up using

Enable forwarding and set-up iptables
enable network forwarding by uncommenting/addingnet.ipv4.ip_forward = 1tosysctl.conf

set-up the followingiptablesrules

for persistent firewall rules you may want to use theiptables-persistentpackage or just set-up a simple script in/etc/network/if-pre-up.d/which will load the rules in/etc/iptables.rulesusingiptables-restore

for example:

How to install and set-up OpenVPN Client (Ubuntu) location 1 & 2

Copy the files ca.crt , clientx.crt , clientx.key and ta key to /home/d/confs or whatever path you like but you edit the path on client.conf.
Create the following client.conf configuration file

restart openvpn

No comments:
Write comments

Recently Updated