Menu
What's new
By:
Filters Better Search

Slow VPN speeds on AC3100

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

A

andresmorago

Senior Member
Hello to all
My apologies in advanced since this has been discussed before. Im just trying to understand if im doing wrong with my VPN setup on my routers side.

This is my current setup:
My internet connection is 100/10. My AC3100 router is connected to it with a public ip address provided by my isp.
I have an Amazon EC2 linux VPS running openvpn. IP 10.0.2.1
My AC3100 is connected to this VPN server with open vpn client 1. It gets the IP 10.0.2.2 from vpn server. I have a selective routing thanks to @Xentrk scripts
All devices connected to my ac3100 router can reach http://10.0.2.1/speedtest in which i have a speedtest server running.

My issue is that When i run a speed test from any device connected to the router, i get a maximum of 18/10. even less than that

But running the same speedtest on a device directly connected to the vpn server (for example an iPhone and the openvpn app, gives me a full speed 100/10). This iPhone for example, is connected to ac3100 wifi.

my openvpn server has this conf file
Code: 
port 443
proto udp
dev tun

duplicate-cn
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA1
tls-crypt ta.key
ncp-disable
cipher AES-128-GCM
reneg-sec 0

sndbuf 0
rcvbuf 0
push "sndbuf 393216"
push "rcvbuf 393216"

mssfix 1492
txqueuelen 1000

topology subnet
server 10.0.2.0 255.255.255.0
ifconfig-pool-persist ipp.txt

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.0.2.1"
#push "dhcp-option DNS 8.8.8.8"
push "route 10.0.0.0 255.255.255.0"
push "route 10.0.1.0 255.255.255.0"
keepalive 10 120

user nobody
group nogroup

persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem

my ac3100 has this config
1.JPG 2.JPG 3.JPG
Code: 
resolv-retry infinite
remote-cert-tls server
fast-io
route 10.0.2.0 255.255.255.0
route 10.0.1.0 255.255.255.0
route 10.0.0.0 255.255.255.0
auth-nocache
mssfix 1492

here is my client1 log on the router
Code: 
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2576]: OpenVPN 2.4.7 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul 31 2019
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2576]: library versions: OpenSSL 1.1.1c  28 May 2019, LZO 2.08
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 19 18:42:31 RT-AC3100-0548 adaptive QOS: Delayed Start Canceled
Dec 19 18:42:32 RT-AC3100-0548 adaptive QOS: Applying - Iptable Down Rules
Dec 19 18:42:32 RT-AC3100-0548 adaptive QOS: Applying - Iptable Up   Rules (eth0)
Dec 19 18:42:33 RT-AC3100-0548 adaptive QOS: TC Modification Delayed Start (5min)
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:443
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: Socket Buffers: R=[122880->122880] S=[122880->122880]
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: UDP link local: (not bound)
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:443
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:443, sid=6124c995 1fdd16fc
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: VERIFY OK: depth=1, CN=ChangeMe
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: VERIFY KU OK
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: Validating certificate extended key usage
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: VERIFY EKU OK
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: VERIFY OK: depth=0, CN=server
Dec 19 18:42:40 RT-AC3100-0548 ovpn-client1[2583]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Dec 19 18:42:40 RT-AC3100-0548 ovpn-client1[2583]: [server] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:443
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: PUSH: Received control message: 'PUSH_REPLY,sndbuf 393216,rcvbuf 393216,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.0.2.1,route 10.0.0.0 255.255.255.0,route 10.0.1.0 255.255.255.0,route-gateway 10.0.2.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.0.2.4 255.255.255.0,peer-id 2'
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: timers and/or timeouts modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: Socket Buffers: R=[122880->245760] S=[122880->245760]
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: --ifconfig/up options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: route options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: route-related options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: peer-id set
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: adjusting link_mtu to 1624
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: TUN/TAP device tun11 opened
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: TUN/TAP TX queue length set to 1000
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: /usr/sbin/ip link set dev tun11 up mtu 1500
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: /usr/sbin/ip addr add dev tun11 10.0.2.4/24 broadcast 10.0.2.255
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: updown.sh tun11 1500 1552 10.0.2.4 255.255.255.0 init
Dec 19 18:42:42 RT-AC3100-0548 custom_script: Running /jffs/scripts/openvpn-event (args: tun11 1500 1552 10.0.2.4 255.255.255.0 init)
Dec 19 18:42:42 RT-AC3100-0548 openvpn-event[5498]: Script not defined for event: vpnclient1-up
Dec 19 18:42:44 RT-AC3100-0548 openvpn-routing: Configuring policy rules for client 1
Dec 19 18:42:44 RT-AC3100-0548 custom_script: Running /jffs/scripts/openvpn-event (args: tun11 1500 1552 10.0.2.4 )
Dec 19 18:42:44 RT-AC3100-0548 openvpn-event[6146]: Running /jffs/scripts/x3mRouting/vpnclient1-route-up tun11 1500 1552 10.0.2.4
Dec 19 18:42:44 RT-AC3100-0548 (vpnclient1-route-up): 6158 Starting Script Execution JAJA
Dec 19 18:42:44 RT-AC3100-0548 (load_MANUAL_ipset_iface.sh): 6166 Starting Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_MANUAL_ipset_iface.sh): 6166 Selective Routing Rule via VPN Client 1 created TAG fwmark 0x1000/0x1000
Dec 19 18:42:45 RT-AC3100-0548 (load_MANUAL_ipset_iface.sh): 6166 Ending Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6293 Starting Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6293 Selective Routing Rule via VPN Client 1 created for ph1 (TAG fwmark 0x1000/0x1000)
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6293 Ending Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6418 Starting Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6418 Selective Routing Rule via VPN Client 1 created for ph2 (TAG fwmark 0x1000/0x1000)
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6418 Ending Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (vpnclient1-route-up): 6158 Ending Script Execution
Dec 19 18:42:45 RT-AC3100-0548 ovpn-client1[2583]: Initialization Sequence Completed
 
Last edited:
andresmorago said:
Hello to all
My apologies in advanced since this has been discussed before. Im just trying to understand if im doing wrong with my VPN setup on my routers side.

This is my current setup:
My internet connection is 100/10. My AC3100 router is connected to it with a public ip address provided by my isp.
I have an Amazon EC2 linux VPS running openvpn. IP 10.0.2.1
My AC3100 is connected to this VPN server with open vpn client 1. It gets the IP 10.0.2.2 from vpn server. I have a selective routing thanks to @Xentrk scripts
All devices connected to my ac3100 router can reach http://10.0.2.1/speedtest in which i have a speedtest server running.

My issue is that When i run a speed test from any device connected to the router, i get a maximum of 18/10. even less than that

But running the same speedtest on a device directly connected to the vpn server (for example an iPhone and the openvpn app, gives me a full speed 100/10). This iPhone for example, is connected to ac3100 wifi.

my openvpn server has this conf file
Code: 
port 443
proto udp
dev tun

duplicate-cn
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA1
tls-crypt ta.key
ncp-disable
cipher AES-128-GCM
reneg-sec 0

sndbuf 0
rcvbuf 0
push "sndbuf 393216"
push "rcvbuf 393216"

mssfix 1492
txqueuelen 1000

topology subnet
server 10.0.2.0 255.255.255.0
ifconfig-pool-persist ipp.txt

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.0.2.1"
#push "dhcp-option DNS 8.8.8.8"
push "route 10.0.0.0 255.255.255.0"
push "route 10.0.1.0 255.255.255.0"
keepalive 10 120

user nobody
group nogroup

persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem

my ac3100 has this config
View attachment 20382 View attachment 20383 View attachment 20384
Code: 
resolv-retry infinite
remote-cert-tls server
fast-io
route 10.0.2.0 255.255.255.0
route 10.0.1.0 255.255.255.0
route 10.0.0.0 255.255.255.0
auth-nocache
mssfix 1492

here is my client1 log on the router
Code: 
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2576]: OpenVPN 2.4.7 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul 31 2019
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2576]: library versions: OpenSSL 1.1.1c  28 May 2019, LZO 2.08
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 19 18:42:28 RT-AC3100-0548 ovpn-client1[2583]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 19 18:42:31 RT-AC3100-0548 adaptive QOS: Delayed Start Canceled
Dec 19 18:42:32 RT-AC3100-0548 adaptive QOS: Applying - Iptable Down Rules
Dec 19 18:42:32 RT-AC3100-0548 adaptive QOS: Applying - Iptable Up   Rules (eth0)
Dec 19 18:42:33 RT-AC3100-0548 adaptive QOS: TC Modification Delayed Start (5min)
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:443
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: Socket Buffers: R=[122880->122880] S=[122880->122880]
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: UDP link local: (not bound)
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:443
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:443, sid=6124c995 1fdd16fc
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: VERIFY OK: depth=1, CN=ChangeMe
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: VERIFY KU OK
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: Validating certificate extended key usage
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: VERIFY EKU OK
Dec 19 18:42:39 RT-AC3100-0548 ovpn-client1[2583]: VERIFY OK: depth=0, CN=server
Dec 19 18:42:40 RT-AC3100-0548 ovpn-client1[2583]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Dec 19 18:42:40 RT-AC3100-0548 ovpn-client1[2583]: [server] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:443
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: PUSH: Received control message: 'PUSH_REPLY,sndbuf 393216,rcvbuf 393216,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.0.2.1,route 10.0.0.0 255.255.255.0,route 10.0.1.0 255.255.255.0,route-gateway 10.0.2.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.0.2.4 255.255.255.0,peer-id 2'
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: timers and/or timeouts modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: Socket Buffers: R=[122880->245760] S=[122880->245760]
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: --ifconfig/up options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: route options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: route-related options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: peer-id set
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: OPTIONS IMPORT: adjusting link_mtu to 1624
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: TUN/TAP device tun11 opened
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: TUN/TAP TX queue length set to 1000
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: /usr/sbin/ip link set dev tun11 up mtu 1500
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: /usr/sbin/ip addr add dev tun11 10.0.2.4/24 broadcast 10.0.2.255
Dec 19 18:42:41 RT-AC3100-0548 ovpn-client1[2583]: updown.sh tun11 1500 1552 10.0.2.4 255.255.255.0 init
Dec 19 18:42:42 RT-AC3100-0548 custom_script: Running /jffs/scripts/openvpn-event (args: tun11 1500 1552 10.0.2.4 255.255.255.0 init)
Dec 19 18:42:42 RT-AC3100-0548 openvpn-event[5498]: Script not defined for event: vpnclient1-up
Dec 19 18:42:44 RT-AC3100-0548 openvpn-routing: Configuring policy rules for client 1
Dec 19 18:42:44 RT-AC3100-0548 custom_script: Running /jffs/scripts/openvpn-event (args: tun11 1500 1552 10.0.2.4 )
Dec 19 18:42:44 RT-AC3100-0548 openvpn-event[6146]: Running /jffs/scripts/x3mRouting/vpnclient1-route-up tun11 1500 1552 10.0.2.4
Dec 19 18:42:44 RT-AC3100-0548 (vpnclient1-route-up): 6158 Starting Script Execution JAJA
Dec 19 18:42:44 RT-AC3100-0548 (load_MANUAL_ipset_iface.sh): 6166 Starting Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_MANUAL_ipset_iface.sh): 6166 Selective Routing Rule via VPN Client 1 created TAG fwmark 0x1000/0x1000
Dec 19 18:42:45 RT-AC3100-0548 (load_MANUAL_ipset_iface.sh): 6166 Ending Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6293 Starting Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6293 Selective Routing Rule via VPN Client 1 created for ph1 (TAG fwmark 0x1000/0x1000)
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6293 Ending Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6418 Starting Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6418 Selective Routing Rule via VPN Client 1 created for ph2 (TAG fwmark 0x1000/0x1000)
Dec 19 18:42:45 RT-AC3100-0548 (load_ASN_ipset_iface.sh): 6418 Ending Script Execution
Dec 19 18:42:45 RT-AC3100-0548 (vpnclient1-route-up): 6158 Ending Script Execution
Dec 19 18:42:45 RT-AC3100-0548 ovpn-client1[2583]: Initialization Sequence Completed
Click to expand...
The primary factor limiting speed over the VPN connection is the CPU in the router - no support for AES-NI. The CPU has to work too hard performing the encryption which slows down the speed. I wrote a short blog post about slow VPN performance. You may be able to get a small bump in speed by adding the option "fast-io" in the custom config section. Many have reported better VPN performance with the HND CPU routers - AX88U and AC86U as they have built in crypto acceleration.
 
Xentrk said:
The primary factor limiting speed over the VPN connection is the CPU in the router
Click to expand...

Correct, but 18Mbps is not the limit of RT-AC3100 CPU. Must be around 50Mbps.

andresmorago said:
for example an iPhone and the openvpn app, gives me a full speed 100/10
Click to expand...

iPhone CPU (6s and above) has very fast cores and can hit >100Mbps easily. It is expected to be faster than the router on OpenVPN.
 
Distance to VPN server is another factor. If I connect to a VPN server where I live, my speeds are nearly double when compared to being connected to a VPN Server half way across the globe.
 
i only get ~30mbps using openvpn from my ac3100
(25 with crypto enabled, 35 without crypto enabled)
this is why most here will get the ac2900 and other
cpu 1.8ghz routers, because they process vpn better.
i could probably get around ~150mbps over VPN
using ac2900, but i don't bother upgrading because
all i need it for are pirate IPTV, so 30 is enough,
as they only average 10mbps each.

i have all my iptv boxes on a separate vpn subnet,
so if i was driving all my household traffic over vpn
then i would have definitely gotten an ac2900 by now.

what Xentrk said is right,

what Val D posts really makes little difference
since it's not the distance to outlet that matters
it's the isp quality and congestion on that outlet.
distance only impacts latency - not mbps speed.
i have access to outlets 20km 400km 8,000km
distance - and get all the same speeds off them.
 
Last edited:
Val D. said:
Also correct, but he is connecting to the same VPN server, just using different devices.
Click to expand...
Thanks to all. I was hoping my router could provide at least 30mbps of download speed. As you can note, te upload speed isn’t affected at all in my case and either connected directly to the vpn or through router, I get 10mpbs.
Per your kind recommendations, I guess this is the maximum speed I could get? I have monitored cpu loads and they never go more than 45%
 
consorts said:
i only get ~30mbps using openvpn from my ac3100
(25 with crypto enabled, 35 without crypto enabled)
this is why most here will get the ac2900 and other
cpu 1.8ghz routers, because they process vpn better.
i could probably get around ~150mbps over VPN
using ac2900, but i don't bother upgrading because
all i need it for are pirate IPTV, so 30 is enough,
as they only average 10mbps each.

i have all my iptv boxes on a separate vpn subnet,
so if i was driving all my household traffic over vpn
then i would have definitely gotten an ac2900 by now.

what Xentrk said is right,

what Val D posts really makes little difference
since it's not the distance to outlet that matters
it's the isp quality and congestion on that outlet.
distance only impacts latency - not mbps speed.
i have access to outlets 20km 400km 8,000km
distance - and get all the same speeds off them.
Click to expand...
thanks. would you mind sharing please some details on your server and client configuration?
 
andresmorago said:
I was hoping my router could provide at least 30mbps of download speed.
Click to expand...

If your iPhone can get 100Mbps with the same server, check/modify the router's settings. RT-AC3100 definitely can do 30Mbps.
 
I have tried everything but can’t get more than 18mbps :(
I’m unsure what to change either on the server or client
 
Last edited:
andresmorago said:
details on your server and client configuration?
Click to expand...

i doubt they would matter to you. i'm only using the client section in my router, and used the openvpn setting my vpn provider recommends. it's also likely various speedtest on different devices yield a wide range of results, so your 20 may be my 30. all i know is, it's adequate to my needs (no frame skipping or waiting for my stream buffer to fill). bottom line is if VPN bandwidth is that important to you - it's time to get a different router while you can still collect $60 on ebay for your used ac3100... ;)

ciper is disabled (not all vpn providers support this) and vpn is on a wifi vlan subnet
all the rest of my wired and other subnet's wifi traffic is routed out my public wan.
myIP apk sideload on to Fire4K provides the speed test and (vpn) lan:wan ip info.
(wired|wifi=same speed) my actual wan ip is 100km away the next state over...

BEiX3Xk.jpg

SdkzzAs.jpg
 
Last edited:
You must log in or register to reply here.

Similar threads

C
VPN doing a lot of unrecognized options without them even being in the config IPV6 issue
Replies
3
Views
979
RMerlin
RMerlin
T
[Help] Problems setting up OpenVPN
Replies
7
Views
266
Thookie
T
P
OVPN Problem. Asus rt ax56u (latest merlin firmware
Replies
9
Views
2K
pattox
P
J
2.4Ghz devices keep disconnecting
2 3
Replies
53
Views
6K
father_web3
F
J
AX88U Merlin 386.x and 388.1 random WAN disconnects mostly without relevant log entries
2 3
Replies
50
Views
6K
CajunFeather
C
Similar threads
Thread starter Title Forum Replies Date
C4ETech Extremely Slow Transfer Speeds on RT-AX92U Asuswrt-Merlin 8
matthew_eli Slow upload speedtest with GT-AXE16000 and Win 11 Asuswrt-Merlin 0
L Very Slow SMB over over RT-AX58U Asuswrt-Merlin 15
icanfly QOS Cake with merlin and MTU - slow download speeds / inconsistent mtu fragmentation results Asuswrt-Merlin 14
mackid1993 RT-AX 88U Pro Slow Upload Speeds on Merlin Until Reboot Asuswrt-Merlin 18
G Using VPN Director to route only torrent traffic through VPN Asuswrt-Merlin 8
B Unable to establish VPN connection to my PiVPN (ovpn) from my Asus RT-AC86U running Asuswrt-Merlin 386.14 Asuswrt-Merlin 1
T Wireguard Client VPN not using DNS Asuswrt-Merlin 14
S Wireguard VPN doesn't work, buyer beware Asuswrt-Merlin 6
G VPN director configuration for qBittorrent Asuswrt-Merlin 7

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 850 (members: 16, guests: 834)
Top