VPN Throttling

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Weggy

Regular Contributor
Issue:
My internet download speed appears to be throttled somehow (uncertain how) when utilising a VPN via my router. My NAS is setup to ensure all traffic goes via my VPN using Open VPN and strict policy rules. However, when connection via the VPN my speeds are around 50% of what they should be and there is no clear sign as to why this is (at least I've run out of ideas). I'm 100% sure (I think :) ) it's not my service provider (PIA), I double checked this theory by trying another provider (privado) and the issue still persist. I can only assume the issue is my end.

Setup:
Router: Asus RT-AC5300 (Firmware Version:384.18)
Internet Down\Up Speed: 114Mbps\5Mbps
NAS: Synology DS1019+
VPN Service: Private Internet Access

Does anyone know if this is a known issue with the firmware I'm using or if I might have made a mistake in my setup which is why I'd be getting an issue like this.

Any help would be greatly appreciated as I'm completely out of ideas (googling) to fix this issue.
 

L&LD

Part of the Furniture
Are you saying you're achieving around 50Mbps with VPN connections? If so, that is the limit of your router's hardware.
 

Weggy

Regular Contributor
I can achieve over 100Mbps without a VPN running on my Asus RT-AC5300.

With a VPN active, the speed drops to ~50Mbps.
 

ColinTaylor

Part of the Furniture
With an RT-AC5300 the most you will get is about 60 to 70 Mbps (possibly slightly less because of your generally slow connection).
 

Weggy

Regular Contributor
"With an RT-AC5300 the most you will get is about 60 to 70 Mbps."
How are you calculating that? And do you mean with or without a VPN?
 

L&LD

Part of the Furniture
Yes, you've reached the limit of your hardware with that provider and servers tested.

If you want to have 200Mbps or faster, an RT-AC86U, RT-AX86U, or an RT-AX88U will give you the performance you need to potentially not be bottlenecked by the hardware.

(Potentially, because it still depends on the other end you connect the VPN too).
 

ColinTaylor

Part of the Furniture
"With an RT-AC5300 the most you will get is about 60 to 70 Mbps."
How are you calculating that? And do you mean with or without a VPN?
The VPN speed is limited by the speed of your router's CPU. I can get about 55 to 60 Mbps before hitting my router's CPU limit. Your router's CPU is 16% faster than mine.
 

Weggy

Regular Contributor
The VPN speed is limited by the speed of your router's CPU. I can get about 55 to 60 Mbps before hitting my router's CPU limit. Your router's CPU is 16% faster than mine.
I'm not sure this is true (nor wrong :) ). But I've tried moving the VPN off the router and onto my NAS (far more powerful CPU) and the results are the same. In this case, surely all the router is doing is transferring the data?
 

ColinTaylor

Part of the Furniture
I'm not sure this is true (nor wrong :) ). But I've tried moving the VPN off the router and onto my NAS (far more powerful CPU) and the results are the same. In this case, surely all the router is doing is transferring the data?
Then that would be a different issue. The various routers' throughput performance is well known and has been discussed in detail for many years.
 

ColinTaylor

Part of the Furniture
But I've tried moving the VPN off the router and onto my NAS (far more powerful CPU) and the results are the same.
What throughput do you get when running the VPN client on a desktop PC?
 

L&LD

Part of the Furniture
Sounds like you're misconfiguring something then on the router and/or the NAS (btw, which model do you have)?
 

Weggy

Regular Contributor
I think I've got it working via running the VPN on the NAS. What did I do? Turn it off and on again. FML :)
 

eibgrad

Very Senior Member
I'm not sure this is true (nor wrong :) ). But I've tried moving the VPN off the router and onto my NAS (far more powerful CPU) and the results are the same. In this case, surely all the router is doing is transferring the data?

The problem is not just a matter of transferring data, but how that data is managed in the non-VPN vs. VPN modes. And it's not just the CPU itself, but the overall system architecture used on the router compared to say a full-blown desktop (x86).

 

Mark2020

New Around Here
Hey All, I have a similar issue...but worse and I really appreciate any help or guidance.
I'm using Asus AC5300 with Asuswrt-Merlin 384.19. I'm connected to a high-speed internet of 1Gps (1,000 Mbps). when I use a VPN, my internet speed drops to 20-35MBps and im not sure why ?
The speed without VPN is - 943Mbps
The Speed with Window VPN app |( IKve2) - is 464Mbps ( I don't want to use this option as I have 15+ devices,,,)
The Speed with OpenVPN on the router is 20-35MbPS :(

Plz see include the speed info and the router setup including VPN
Setup : https://support.ipvanish.com/hc/en-...Configure-IPVanish-OpenVPN-in-ASUSWRT-Merlin-

Any Help is welcome and appreciated!

Tnx
Mark
 

Attachments

  • Speed-with-without-VPN.JPG
    Speed-with-without-VPN.JPG
    58.9 KB · Views: 24
  • Router-setup-v1.JPG
    Router-setup-v1.JPG
    102.5 KB · Views: 25

L&LD

Part of the Furniture
Have you tried different servers? Different types of encryption?

Are you also running other features/options on the router?

If so, that is all you can expect from the hardware.
 

isr25

Occasional Visitor
This is normal as AC5300 unfortunately does not have AES-NI acceleration for VPN. But even with hardware accelerated VPN from the latest routers, you may only get around 300Mbps.
 

Mark2020

New Around Here
Have you tried different servers? Different types of encryption?

Are you also running other features/options on the router?

If so, that is all you can expect from the hardware.
yes, I did try the above ...but didn't got any change...
I did got a small change when I used different clients like PPTP/L2TP... which brought the speed to 100Mbps... but it’s incredibly insecure.
Do you know how I can add IKEv2/IPSec as an option on the VPN client? or look into a WireGuard... this can help a bit...?
 

Mark2020

New Around Here
This is normal as AC5300 unfortunately does not have AES-NI acceleration for VPN. But even with hardware accelerated VPN from the latest routers, you may only get around 300Mbps.
Thank you, can u share your favorite for a router with AES-NI acceleration that can work with Merlin software ? its will be great to have at least 300Mbps...

here a few that i found:

devices are using these Broadcom processors?

Asus RT-AC68U Extreme
Asus RT-AC86U (AC2900 version)
Asus GT-AC5300
Asus GT-AX11000
Asus RT-AX95U
Asus RT-AX88U
Arris SurfBoard W31
D-Link DIR-X6060
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top