How to increase IPTV upload speed using OpenVPN



this tutorial will try to explain how to increase your upload speed, it will be very helpful to upload your local IPTV streams to your server.
Introduction:
With OpenVPN you can tunnel any IP subnetwork or virtual Ethernet adapter over a single UDP or TCP port, which will be secure and encrypted.
Below example will explain my scenario:
1- We have here there location, location 1 France , Location 2 UK-London , Location 3 UK-Bristol
2- Location 1: Dedicated server 64 bit (Debain 7) on France Bandwidth 250 MB
3- Location 2 : Ubuntu 14.04 , 64 bit server, 70 MB download & 10 MB upload
4- Location 3 : Ubuntu 14.04 , 64 bit server, 100 MB download & 20 MB upload

We are going to install OpenVPN server on location 1 and OpenVPN client on location 2 and 3. So basically we will have VPN tunnels between location 1, 2 and 3.
The VPN tunnel will have the same speed (download and upload) on our example the tunnel speed will something around 40MB – 55 MB download and upload speed.

How to install and set-up OpenVPN in Debian 7 (Wheezy) location 1
Make sure the Debian system is fully up to date
Verify if TUN support is enabled on the system
use the following one-liner to verify ifTUNsupport is enabled on the Debian system. if using a VPS (Virtual Private Server), some virtualization layers such asvServersandOpenVZrequire TUN to be enabled on/from the host machine.

also for this to work you need to have CONFIG_TUN enabled in the kernel
Install OpenVPN
installOpenVPNusingapt




Set-up Easy-RSA

set-upeasy-rsain/root/easy-rsa


Set-up default values in Easy-RSA

set-up default values for use by the scripts


export them


delete previously created certs


Generate the CA certificate

generate the CA certificate using thebuild-cascript



Generate the server certificate

generate VPN server certificate using thebuild-key-serverscript


  • Sign the certificate? [y/n]:y
  • 1 out of 1 certificate requests certified, commit? [y/n]y
Generate the Diffie-Hellman PEM certificate

generate the Diffie-Hellman PEM certificate using thebuild-dhscript



Generate client certificate
generate client certificate using thebuild-keyscript


  • Sign the certificate? [y/n]:y
  • 1 out of 1 certificate requests certified, commit? [y/n]y
Generate (HMAC)

generate secret Hash-based Message Authentication Code (HMAC) using


Deploy the certificates

copy the required certificates to the particular machine/device (server or client)

  • Thepublicca.crtcertificate is needed on all servers and clients
  • Theprivateca.keykey is secret and only needed on the key generating machine
  • A server needsserver.crt,dh2048.pem(public),server.keyandta.key(private)
  • A client needsclient.crt(public),client.keyandta.key(private)
Set-up certificates and keys on the server

place the certificates and keys on the server in the/etc/openvpn/certsdirectory.


Configure the OpenVPN server
set-upOpenVPN serverconfiguration file in/etc/openvpn/server.conf


Start the OpenVPN server
start theOpenVPN serverand add enable it to run on system's start-up using


Enable forwarding and set-up iptables
enable network forwarding by uncommenting/addingnet.ipv4.ip_forward = 1tosysctl.conf


set-up the followingiptablesrules


for persistent firewall rules you may want to use theiptables-persistentpackage or just set-up a simple script in/etc/network/if-pre-up.d/which will load the rules in/etc/iptables.rulesusingiptables-restore

for example:



How to install and set-up OpenVPN Client (Ubuntu) location 1 & 2



Copy the files ca.crt , clientx.crt , clientx.key and ta key to /home/d/confs or whatever path you like but you edit the path on client.conf.
Create the following client.conf configuration file




restart openvpn






Recently Updated