So I recently set up a bridged OpenVPN server on my NAS and noticed that the bridging of the virtual TAP device with my physical NIC resulted in slow performance of LAN traffic to and from the NAS (i.e. went from near gigabit speed to ~200 Mbps). Breaking the bridge returns LAN speed to normal.
One possible solution to keep both the VPN capability and gigabit LAN speed is installing a second NIC with a different IP address on the same subnet.
My setup would be as follows with both adapters connected to my router:
eth0 would be bridged with VPN TAP to allow VPN clients access to the network.
eth1 would be just for LAN traffic to and from the NAS (i.e. for file sharing, media streaming).
Now I have read in several places that it is not a good idea, as having two NICs in one computer on the same subnet often results in connectivity problems. However, I don't try to access any resources from the NAS except when logged in remotely through the VPN (which should be forced to connect through the bridged adapter eth0). All other traffic to the NAS is initiated from LAN computers via drive mapping (with IP address), which theoretically should force the connection through eth1.
Is there any fundamental networking principle that I am missing here? Has anyone tried this? Is there a better way to solve this problem?
I should have the adapter in a couple days and will attempt to set it up.