Testing Tunnel Performance with iperf3

In this guide, you'll learn how to use iperf3 to test throughput and network behavior over a TUN-over-UDP tunnel. This method allows for more advanced testing than ping, including bandwidth, jitter, and packet loss measurements.

Tunnel Setup

We assume you have a working TUN-based VPN tunnel between two Linux devices:

Client (local): 10.0.0.1
Server (remote): 10.0.0.2

iperf3 must be installed on both devices. You can install it via:

sudo apt install iperf3

1. Start the `iperf3` Server

On the server side (10.0.0.2), run:

iperf3 -s

This starts iperf3 in listening mode, waiting for incoming test sessions.

2. Run a TCP Test

On the client side (10.0.0.1), run:

iperf3 -c 10.0.0.2

Sample Output (TCP):

Connecting to host 10.0.0.2, port 5201
[  5] local 10.0.0.1 port 45632 connected to 10.0.0.2 port 5201
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-1.00   sec  10.5 MBytes  88.0 Mbits/sec
[  5]   1.00-2.00   sec  10.4 MBytes  87.1 Mbits/sec
...
[  5]  0.00-10.00  sec   104 MBytes  87.2 Mbits/sec                  sender
[  5]  0.00-10.00  sec   104 MBytes  87.1 Mbits/sec                  receiver

What You’re Measuring (TCP):

Throughput (Bandwidth) — how much data can be sent through the tunnel in a sustained way.
TCP behavior — includes retransmissions and congestion handling, though not visible by default.

3. Run a UDP Test

UDP tests are great for measuring jitter, packet loss, and latency. However, since UDP is connectionless, you must specify the desired bandwidth.

On the client side (10.0.0.1), run:

iperf3 -c 10.0.0.2 -u -b 10M

-u: Use UDP
-b 10M: Target bandwidth of 10 Mbps

Sample Output (UDP):

Connecting to host 10.0.0.2, port 5201
[  5] local 10.0.0.1 port 56789 connected to 10.0.0.2 port 5201
[ ID] Interval           Transfer     Bandwidth       Total Datagrams
[  5]   0.00-1.00   sec  1.19 MBytes  10.0 Mbits/sec  85
[  5]   0.00-10.00  sec  11.9 MBytes  10.0 Mbits/sec  1000
[  5] Sent 1000 datagrams
[  5] Server Report:
[  5]  0.00-10.00  sec  11.8 MBytes  9.90 Mbits/sec  0.600 ms  0/1000 (0%)  sender
[  5]  0.00-10.00  sec  11.8 MBytes  9.89 Mbits/sec  0.700 ms  0/1000 (0%)  receiver

What You’re Measuring (UDP):

Bandwidth — how much UDP traffic gets through
Jitter — variation in delay between packets
Packet loss — important for evaluating reliability of the tunnel

Optional: Reverse Direction Test

To test performance in the reverse direction (server → client), add the -R flag:

iperf3 -c 10.0.0.2 -R

Or with UDP:

iperf3 -c 10.0.0.2 -u -b 5M -R

Optional: Run Longer Tests

To run tests for a longer period (e.g., 30 seconds):

iperf3 -c 10.0.0.2 -t 30

Summary

Protocol	Use Case	Key Metrics
TCP	Reliable throughput testing	Bandwidth, congestion effects
UDP	Real-time app simulation	Bandwidth, jitter, packet loss

iperf3 is a powerful tool for validating tunnel performance under different traffic conditions. For deeper analysis, consider capturing packets with tcpdump during the test or combining results with ping latency monitoring.

Tunnel Setup​

1. Start the iperf3 Server​

2. Run a TCP Test​

Sample Output (TCP):​

What You’re Measuring (TCP):​

3. Run a UDP Test​

Sample Output (UDP):​

What You’re Measuring (UDP):​

Optional: Reverse Direction Test​

Optional: Run Longer Tests​

Summary​