Return to

[SOLVED - don't use compression] Enable compression server side OpenVPN



Hi everyone. I installed recently OpenVPN on my Raspberry Pi through the PiVPN script. Everything works well but I think performance could be boosted by a bit using compression. I’ve hit the VPN with a speedtest and found that, at worst, the VPN uses 60% of one core and 40% of another for a brief period of time so I wanted to use more CPU to try and saturate the 100Mbit port. Done some research and I’ll be honest I didn’t understand a damn thing. The only thing clear to me is that there are three types of compression lzo, lz4 and compress.
I don’t know how to check if one of them is enabled, I don’t know where the config file is and I don’t know how to enable it following the OpenVPN instructions.
Do you have any clear guide on how to do those things? Thanks!


The server config file is usually at /etc/openvpn/server.conf, all you need to do is add the line comp-lzo to the config file. You will also need to enable compression on the client.


Don’t. Using compression together with encrypted connections opens you up to security vulnerabilities.

See the VORACLE attack here:

For now, it is advised that users of the OpenVPN Access Server and the OpenVPN Connect Client software disable the use of compression.


I did that and my connection dropped to a couple kB/s so I guess it didn’t work.

@pFtpr Thanks for the useful insight, I didn’t know about that. So I don’t have to worry about that I guess. I’ll mark the thread as solved.