OpenVPN speeds

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Squidmata

New Around Here
Hi. First-time poster, long-time lurker. If I've posted this in the wrong place, please let me know where I should be..

I have an issue with my OpenVPN throughput, where I'm not getting anywhere near the speeds I should. Here are my setup details (more detail available upon request):

  • VPS Server (Ubuntu 20.04), running OpenVPN 2.4.7. Bandwidth reported by speedtest-cli is generally ~250Mbps down / ~300Mbps up - (London, UK)
  • RT-AC86U, running Asuswrt-Merlin 386.2_6 (Helsinki, Finland)
  • ISP is 200/20
At the most conservative estimates, I believe I should expect to get at least 50% of my available bandwidth, but I'm getting max 40Mbps download from the the router speedtests, and also from speedtest-cli on connected clients. I'm maxing out the upload, but that's only 20Mbps.

I'm happy to provide any info needed, if anyone can point me in the right direction - I bought the RT-AC86U because of the hardware AES-NI capability, but that doesn't seem to have improved things much from my previous setup on an RT-N66U, so I'm a little stumped on what to look at next.

EDIT: I have tried non-standard ports, and that didn't make a difference, so I guess that rules out the ISP throttling traffic on that port.
 
Last edited:

RMerlin

Asuswrt-Merlin dev
Try switching between UDP and TCP. For some reason, newer Broadcom SDKs seem to have a throughput issue with one of these two - can't remember which one.
 

Squidmata

New Around Here
Try switching between UDP and TCP. For some reason, newer Broadcom SDKs seem to have a throughput issue with one of these two - can't remember which one.
Thanks for the super quick response :)

Switching to TCP gained me ~15Mbps, so I'm now up to ~55Mbps down, but I think the issue might be with my VPS..

I just connected my Macbook directly via the "OpenVPN Connect" app, using a new generated profile, and the speeds are the same (including the increase when switching to TCP), which would seem to rule out the router as the bottleneck.

I don't suppose anyone knows of any tips to improve OpenVPN server speeds..???
 

L&LD

Part of the Furniture
Connect to a faster server.
 

Squidmata

New Around Here
I'll reply to myself in case this is of interest to anyone else. This (5 year-old) thread over at the pfSense forums details a way to get a theoretical benchmark for OpenVPN, but my results are wildly out of line with what's posted there, and seem to suggest I should have a 2Gbps theoretical throughput, which I most certainly do not have :(
 

Tech9

Very Senior Member
I believe OpenVPN is single core even on x86 platforms. With some luck I can see 350Mbps on my SG-5100 firewall. 2Gbps - I don't know, Core i9 at 5GHz perhaps. For high VPN speeds you have to look at IPsec and Wireguard. OpenVPN is secure, but very CPU demanding.
 

Squidmata

New Around Here
Ok, this story turned out pretty well. I've gone from ~40Mbps/20Mbps (up/down) to ~110Mbps/20Mbps with a combination of tweaks - thank you to everyone who gave hints :)

Here's what I did, in case anyone else is in the same boat:
  1. Switched VPS provider :) - took me to ~60/20
  2. Switched to TCP - took me to ~80/20
  3. Moved the client from slot 2 to slot 1 - took me to ~110/20
A side note. This thread about benchmarking OpenVPN speeds is obsolete now, I guess. If I run the commands there, I get the following results:
real 0m0.632s
user 0m0.620s
sys 0m0.012s

Overall, pretty happy. Thanks for listening!
 
Last edited:

L&LD

Part of the Furniture
Thanks for following up!
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top