ColinTaylor
Part of the Furniture
You'd only notice it if you're using a wireless client that's normally able to saturate the GbE LAN connection. Here's my ax client saturating the link:
Last edited:
WG Server test with flowcache bypass
- Thread starter RMerlin
- Start date
sfx2000
Part of the Furniture
It shouldn't have any impact to LAN side traffic, either wireless or ethernet as this is all layer 2 traffic thru the switch, and shouldn't hit runner...
ColinTaylor
Part of the Furniture
I can't put my finger on exactly what causes the problem. Simply running
runner disable doesn't seem to cause the issue. In theory QoS (Cake or otherwise) ought not to have any impact at all but yet it seems it does. I admit that logically none of this makes sense so I can only assume there's some other factor in play that I'm not aware of.I'm not really in a position to do any more testing with this so I'll have to leave it to others if they're interested.
896 Mb/sec. That's close to 1-Gb on WiFi...
Looks like you have demonstrated that there is no issue.
ColinTaylor
Part of the Furniture
I was demonstrating to @Tech9 (see post #60) what it looks like when there's isn't a problem. When there is a problem the throughput drops to about 80% of that. As I said in my last post I'm not in a position to test this any more as this is my primary router, but @supe has posted all the relevant information before.
Last edited:
Release - Asuswrt-Merlin 388.1 is now available for all supported Wifi 6 models
Still having random reboots from the kernel panic bug on my AX86U, anyone got a solution on what to do? Thats quite bad something causing your router to be unstable hardware/software failure
www.snbforums.com
Guessing fc, at least interacts, if not is required by, nat acceleration. I could have confused the 2, though. However, disabling fc after enabling Adaptive QoS fixes the issue on the AX86U, of throttled speeds.
Release - Asuswrt-Merlin 388.1 is now available for all supported Wifi 6 models
Still having random reboots from the kernel panic bug on my AX86U, anyone got a solution on what to do? Thats quite bad something causing your router to be unstable hardware/software failure
Guessing fc, at least interacts, if not is required by, nat acceleration. I could have confused the 2, though. However, disabling fc after enabling Adaptive QoS fixes the issue on the AX86U, of throttled speeds.
When you do this, is QOS working properly? Overload your WAN link with lots of downloads and then try streaming a few 4K sources. Any stutter?
It "works" in that it correctly segments traffic. It just throttles the download bandwidth to ~300Mbps, which defeats the purpose of using Adaptive. Cake can hit this, and with less hassle, without hardware acceleration
I don't know why anyone would use any QOS that CAKE. All the others are an exercise in frustration.
Tech9
Part of the Furniture
I have actually tested Cake QoS and Bandwidth Limiter on a common Cable ISP connection and both produce very similar results. As long as the ISP line (with already QoS applied) is not saturated there is no bufferbloat and the latency stays low. For up to 300Mbps ISP lines Bandwidth Limiter is a good option for stock Asuswrt users. It can also be applied to a group of high bandwidth devices only by using DHCP reservations and Target group.
that's the frustration - anyone over ~300Mbps can choose to either use no QoS, or reduce their bandwidth.
If I had <300, Cake would be my choice too.
rkk2025
Occasional Visitor
I'm on AsusWRT Merlin 386.7_2 and I have both Runner and Flow Cache HW Acceleration enabled while I have Wireguard running in a site-to-site setup + a couple of single peers to connect to my LAN from the outside if necessary. I did have to modify the Wireguard "amtm" script to prevent it from disabling the HW acceleration, and so far I had no issues whatsoever (No disconnections nor speed issues).
Without going too much off topic, could @RMerlin or somebody with some insight into this matter explain why HW offloading is causing issues with Wireguard running on the router? What's the difference or incompatibility with running Wireguard with all hardware acceleration enabled vs having it bypassing the flowcache?
Is it some kind of security risk I'm exposing myself to by having HW acceleration enabled? Or is it just a speed penalty? (I did a couple of IPerf speed tests and I do not see the speed penalty, but I only have 60MBit of upload speed with my ISP)
Without going too much off topic, could @RMerlin or somebody with some insight into this matter explain why HW offloading is causing issues with Wireguard running on the router? What's the difference or incompatibility with running Wireguard with all hardware acceleration enabled vs having it bypassing the flowcache?
Is it some kind of security risk I'm exposing myself to by having HW acceleration enabled? Or is it just a speed penalty? (I did a couple of IPerf speed tests and I do not see the speed penalty, but I only have 60MBit of upload speed with my ISP)
ZebMcKayhan
Very Senior Member
I would be interested in this explanation as well.
My conclusion of the issue is NAT that takes place to and/or from a local process. From a system perspective we could compare Wireguard to dnsmasq (or Unbound / AGH). Both are local processes in the router. Both recieves packets from lan and creates a new packet that goes out WAN. And apparantly Wireguard runs just fine with both flowcache and runner enabled just like dnsmasq when it does exactly like this as in your site2site configuration.
Based on this simple reasoning I would like to believe that it is when you start to do SNAT on a package going to and/or from a local process. DNSDirector currently performs DNAT to dnsmasq which appears fine so the problem may only be related to SNAT (MASQUARADE).
So as wireguard is basically speed limited by routers ability to perform SNAT in software it would be interesting to find out exactly what makes the incompatability. For Example a Wireguard server peer on the router wouldnt NEED snat (altough its convenient) so I wonder which speeds could be reached then?? And for all those out there running server peers without nat, could they enable fc/runner again?
There were also another remark from someone that it was caused by packet transaction to/in kernel space (dont know if dnsmasq is in kernel or user space) so there could be more to the story but it wouldnt go well with the fact that wg site2site works perfectly with fc and runner enabled.
By the way, WireguardManager dont disable FC automatically anymore on any router, its up to the userconfig. So you shouldnt have to hack the script anymore.
Last edited:
heysoundude
Part of the Furniture
1Gbps availability IS the new normal- my local cable provider has been offering 1Gb/30Mb FTTN at the same price as my 50/10 DSL for the past 6mo, and I can't say I've not struggled with temptation...but while my DL speed would 20x, why is my upload only 3x?
if you think 4k-HDR-Atmos is too much, wait until you've tried AR...the bubbles are coming for you, and AI will customize it to you. Soma would say it's a Brave New World...
Do you mean Rover? Was that a reference to The Prisoner (Patrick McGoohan spy series from the '60s)? If so, are you #6 or #2 ?
Sorry for the off topic post.
heysoundude
Part of the Furniture
heysoundude
Part of the Furniture
not familiar..so, no.
Similar threads
Similar threads
Similar threads
-
IPSec VPN Server with VNC connection causes ASUS RT-AC3100 to Reboot
- Started by lporchas
- Replies: 0
-
-
-
-
-
When I access the System Log --> IPv6 tab the web server crashes
- Started by Logi
- Replies: 0
-
Solved Inadyn Fails to verify server certs after update to 388.6
- Started by astephon88
- Replies: 3
-
-
How can I do this.. Router VPN Client to Server 2
- Started by ComputerSteve
- Replies: 3
-
VPN Client with Public IP, split tunnel web server over VPN and other traffic not on the VPN
- Started by Grefyne
- Replies: 4
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!