Re: [Openvpn-users] migrating from lzo to lz4

[Jan J. K. <ja...@ni...>]

On 16/11/17 11:45, Ralf Hildebrandt wrote:
> * Jan Just Keijser <ja...@ni...>:
>
>> yes, pretty much: all clients that have 'comp-lzo' in the client config and
>> that support LZ4 can be told to use LZ4 compression by adding
>>    push "compress lz4"
>> in the server config.
> I have a mix of Windows (openvpn 2.3 and 2.4)
> and Mac (openvpn 2.3 only, I wonder why TunnelBlick shuns 2.4?) clients
> out in the field.
>
> So you say, I can simply
>
> push "compress lz4"
>
> to all client (?) and then
>
> a) either the client will accept and use lz4 (2.4 I guess)
> b) or the client will fail, ignore the push and use lzo instead?
then I'd put "comp-lzo yes" on all clients (2.3 clients don't recognize "compress").
>> "push-peer-info" will tell you whether a client supports LZ4 or not.
> How do I use that?

This makes a very nice example for a future cookbook :)
You'd use OpenVPN 2.4+ on the server with a client-connect script like this:
====
#!/bin/bash

env | grep IV_

if [ "${IV_LZ4:-0}" -eq 1 ]
then
     echo "Enabling LZ4 compression for client $common_name"
     echo "compress lz4" > $1
     echo "push \"compress lz4\"" >> $1
else
     echo "Enabling LZO compression for client $common_name"
     echo "comp-lzo" >> $1
     echo "push \"comp-lzo\"" >> $1
fi

====

my server log file shows:

Thu Nov 16 13:53:58 2017 192.168.0.49:55089 [client2] Peer Connection Initiated with [AF_INET]192.168.0.49:55089
Thu Nov 16 13:53:58 2017 client2/192.168.0.49:55089 MULTI_sva: pool returned IPv4=10.200.0.2, IPv6=2001:610:120::200:0:1001
IV_COMP_STUBv2=1
IV_LZ4v2=1
IV_COMP_STUB=1
IV_LZ4=1
IV_PLAT=linux
IV_PROTO=2
IV_LZO=1
IV_TCPNL=1
IV_NCP=2
IV_VER=2.4.4
Enabling LZ4 compression for client client2
Thu Nov 16 13:54:04 2017 192.168.0.180:43459 peer info: IV_VER=2.3.7
Thu Nov 16 13:54:04 2017 192.168.0.180:43459 peer info: IV_PLAT=linux
Thu Nov 16 13:54:04 2017 192.168.0.180:43459 peer info: IV_PROTO=2
Thu Nov 16 13:54:04 2017 192.168.0.180:43459 [client1] Peer Connection Initiated with [AF_INET]192.168.0.180:43459
Thu Nov 16 13:54:04 2017 client1/192.168.0.180:43459 MULTI_sva: pool returned IPv4=10.200.0.3, IPv6=2001:610:120::200:0:1002
IV_PLAT=linux
IV_PROTO=2
IV_VER=2.3.7
Enabling LZO compression for client client1


and yes, the server is able to simultaneously use LZO for client1 and LZ4 for client2.

HTH,

JJK