Hey folks,
happy OWRT and now LEDE user here and I have a question.
I successfully installed and configured OpenVPN on my router, which is a WRT1200AC which more or less the following script (that could help someone at some point maybe):
opkg update
opkg install libustream-openssl openvpn-openssl luci-app-openvpnuci set openvpn.expressvpn=openvpn
uci set openvpn.expressvpn.enabled='1'
uci set openvpn.expressvpn.config='/etc/openvpn/my_expressvpn_switzerland_udp.ovpn'
uci commit openvpnuci set network.expressvpntun=interface
uci set network.expressvpntun.proto='none'
uci set network.expressvpntun.ifname='tun0'
uci commit networkuci add firewall zone
uci set firewall.@zone[-1].name='vpnfirewall'
uci set firewall.@zone[-1].input='REJECT'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].forward='REJECT'
uci set firewall.@zone[-1].masq='1'
uci set firewall.@zone[-1].mtu_fix='1'
uci add_list firewall.@zone[-1].network='expressvpntun'
uci add firewall forwarding
uci set firewall.@forwarding[-1].src='lan'
uci set firewall.@forwarding[-1].dest='vpnfirewall'
uci commit firewalluci set network.wan.peerdns='0'
uci del network.wan.dns
uci add_list network.wan.dns='8.8.8.8'
uci add_list network.wan.dns='8.8.4.4'
uci commit/etc/init.d/openvpn start
reboot
So far, everything seems to work - if I check my routes via traceroute
I see nothing suspicious and checking my IP and DNS addresses via the various tools on the internet works out fine.
But I see that the traffic on my TUN interface is much lower than on my WAN interface. I know that it has to and should be lower but by how much? I understood that my traffic would first go to my TUN interface which is in the private network of the OpenVPN server. My LAN traffic is naturally higher since I have files coming in and going out of my router but should the WAN traffic not be naturally just about the same as the TUN traffic?
I would be grateful if someone could give me a couple of hints there.