VPN, Speed, Voxel's FW <-> DD WRT ???

27 posts / 0 new
Last post
Smitty16367
Smitty16367's picture
VPN, Speed, Voxel's FW <-> DD WRT ???

Hello Comunity, Hello Voxel,

I tryed VPN with Voxel's FW and I got it working finally. Thx to Voxel for helping me so much. So far, so good. I tested DL Speed with Ookla's Speedtest and I was little bit disapointed by the speed shown. It was about 30 Mbits/sec (a little bit less than 30). Without VPN I get 200Mbits/sec which is maximum on my cable line. I choosed Voxel's FW because I read that other users changed from DD WRT to voxel's because of speed. OK, I tryed DD WRT today as well and Ookla showed me 30Mbits/sec as well (a lttle bit more than 30). Voxel's FW with VPN took a lot of work because linux is not my very best friend (it was not and still wo'nt be). DD WRT took about 10 minutes to flash my router with initial and latest version and another about 5 minutes to fill in the values into the vpn-client mask and that's it. So I wonder if I did something wrong with Voxel's FW and VPN. Which speed is expected with Voxel's FW and VPN on a 200/12 Mbits/s cable line with Nighthawk R7800? Thx for your information.

smitty

kamoj
kamoj's picture
Depends on FW version, your

Depends on FW version, your vpn provider, your isp (provider) and connected server, protocol/encryption used, fiber/cable modem, cables, other traffic and switches, and
Very much on tuning the vpn configuration parameters.
After spending days of tuning I reached (upload and download together):
Voxel: 80 Mbps
DD-WRT: 90 Mbps
I have posted my settings elsewhere.
30 Mbps sound very low to me.
You could double that I expect.
So check cables and start tuning.

Smitty16367
Smitty16367's picture
@kamoj

@kamoj

Thx a lot for your response. Yes, it seems to be difficulty. May I get the settings you are using? Maybe they could also work for my vpn. Thank you very much.

Smitty

kamoj
kamoj's picture
I not home and have no

I not home and have no computer.
Can not check settings now.
Please search these forums here.
And at SNB. My signature sane there.
I posted my settings before.

kamoj
kamoj's picture
https://www.myopenrouter.com
Smitty16367
Smitty16367's picture
@kamoj

@kamoj

Thx a lot for the link to your settings. I couldn't find them by myself. I'll try them and I hope this will help.

Smitty

Smitty16367
Smitty16367's picture
@kamoj

@kamoj

thx a lot for sharing your settings. Yes, it helped. It's getting better now, but I'm still not fully satisfied with the speed. I get <= 50Mbits/sec DL now. I wonder what's the differences between your config and mine. How do you use OpenVPN? Are you using the formular under services -> VPN -> VPN Client or do you use a script? I simply use the formular. What's your ISP? Mine is Vodaphone/Cable 200/12 Mbits/sek. What's your VPN Provider? Mine is NordVPN. Where is your VPN Server located? At this time I use one in CZ.

When I tried NordVPN the firtst time I installed it at my pc and speed was wonderful. Doesn't this mean that the routers hw is too poor for VPN?

Looking forward to your infos and opinion.

Smitty

kamoj
kamoj's picture
Thank you for the feedback.

Thank you for the feedback. Very appreciated. Without feedback I would not keeping on sharing my experiences.

I use Voxels FW 1.0.2.45SF. The latest one is 1.0.2.47SF, but I guess it is slower for OpenVPN due to affinity changes. I might be wrong.
So i use a configuration file (as DD-WRT even though you there enter the configuration in a GUI), provided by my OpenVPN-provider and
modified by me with the changes I already posted. I can get higher speed, but then "bufferbloat" gets bad.
I have a cable modem from my ISP (500/50 Mbps) and the VPN-provider Azirevpn, and it's swedish servers.
On top of this I can start the OpenVPN-client on my PC and get about 180-190 Mbps through the R7800 running OpenVPN with Voxel FW.
Without OpenVPN client also running in the R7800 I get 300-400 Mbps through my OpenVPN on my PC .
I get 80 Mbps with Voxels FW 45SF and 90+ Mbps with DD-WRT, so the R7800 HW can absolutely handle 90 Mbps.
(The R7800 WiFi-coverage and speed is fantastic, so the R7800 must be among the best price/performace high-end routers available.)
For DD-WRT you have to make some manual setting though to get the highest speed. (CPU/Core Affinity and off power-save/throttling).
(See the forum
DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware ) 

I have not used DD-WRT since they started to use a new kernel 4.x , with all kind of failures and instability.
I prefer to stay with Voxel FW, since it is extremely stable and close to Netgear stock.
Also I am running a number of "home-made" add-ons on the Voxel FW, that extends the Voxel/Netgear functionality somewhat.
So I intend to stay and can really recommend Voxels FW. But if you only want maximum OpenVPN-speed, you might go for DD-WRT.

Thank you again for reporting back!

 

nilugeator
nilugeator's picture
hi all, thx for this very

hi all, thx for this very nice threads

Thx to kamoji i reached 50 mbps with ddwrt (30 before)

to reach 90 mbs, I read that :

For DD-WRT you have to make some manual setting though to get the highest speed. (CPU/Core Affinity and off power-save/throttling).
(See the forum
DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware ) 

but I cant find anything on thoses threads.

 

Could you be so kind to give here those seetings?

thx in advance

kamoj
kamoj's picture
Try:
I'm happy you are improving!
 
Now try these 3 lines (tatsuya46 a.o.):
for CPUFREQ in /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor; do [ -f $CPUFREQ ] || continue; echo -n performance > $CPUFREQ; done 
echo 2 > /proc/irq/255/smp_affinity 
echo 2 > /proc/irq/258/smp_affinity
 
nilugeator
nilugeator's picture
thx again for your help !

thx again for your help !

 I already had the core 2 optimisation for WAN (255)

I tried the core ,2 optimisation for LAN (258) but it didnt change anything.

 

But the core frequency maximisation give me a boost, thx! (now i'm near 55 mbits/sec)

 

kamoj
kamoj's picture
Thank you very much for your

Thank you very much for your appreciation and reporting back.
It´s been a pleasure helping you!

rafamars
rafamars's picture
Hi kamoj,

Hi kamoj,

I was experiencing similar problems to Smitty regarding slow vpn speed. I then tried to apply your suggested settings in the .ovpn file but with no luck unfortunately.

I have 70/20Mbps from ISP and get 25/10Mbps using your settings in the opvn file. If I used vpn on my phone i get 55/10Mbps.

I am running the lastest 1.0.2.47SF and I am wondering if the issue is related to your comment regarding affinity changes.

If you have any suggestion so the R7800 can run vpn as quick as the phone, let me know.

Thanks 

rafamars

 

kamoj
kamoj's picture
You can easily try 45SF and

You can easily try 45SF and see what difference it makes.

No need to reset to factory, just flash 45SF and try.

Then just flash back to 47SF.

Also check you open on log file.

All VPN providers are different. My changes are just adapted to the R7800.

There is no solution for everyone.

You can also look at Netgear latest FW. It should have some kind of openvpn client as well!

rafamars
rafamars's picture
Thkx

Thkx

I will try that later and let you know

I have a R7800 as well

nilugeator
nilugeator's picture
You can also look at Netgear

You can also look at Netgear latest FW. It should have some kind of openvpn client as well!

@kamoj : Hi, where did you read that? is it finaly happening? on netgear website, latest firmware 1.0.2.44 didnt mentionned anything about a CLIENT vpn?

kamoj
kamoj's picture
https://kb.netgear.com
nilugeator
nilugeator's picture
thx a lot!

thx a lot!

I didnt seen that yesterday

Voxel
Voxel's picture
OpenVPN client in the stock

OpenVPN client in the stock FW looks for me a bit strange.

OK, you can try 1.0.2.49SF
 

1.0.2.49SF:
 
1. OpenVPN client optimization (boost speed, waiting for DNS, thanks to kamoj for his hints).
2. NTP client init script is changed to provide time/date setting if needed for OpenVPN client.
3. OpenSSL configuration is changed to provide more compatibility with ReadyCLOUD.
4. OpenVPN is upgraded 2.4.4->2.4.5.
5. dropbear package is upgraded 2017.75->2018.76.
6. util-linux package is upgraded 2.30.2->2.31.1.
7. transmission package is upgraded 2.92+git->2.93.
8. libxml2 package is upgraded 2.9.7->2.9.8.
9. Host tools: three components are upgraded.
 
Its goal is exactly to speed up OpenVPN client. I have up to 55Mbps for downloads with my ISP speed 60Mbps.  

Voxel.

 

Smitty16367
Smitty16367's picture
@Voxel

@Voxel

Thank you very much for your work. I'll try this version. Does VPN installation go the same way as in your earlier version?

reagards Smitty

Voxel
Voxel's picture
Thank you very much for your

Thank you very much for your work. I'll try this version. Does VPN installation go the same way as in your earlier version?

 

Yes, installation is the same. 

Voxel.

rafamars
rafamars's picture
Yes open vpn client on the

Yes open vpn client on the stock is strange indeed as it seems to be preload with purevpn only. Funny enough purevpn has been in the press lately for privacy-busting bugs related probems.

Otherwise the version 49 has increased the vpn speed dramatically from 25 to 55 Mbps in my case without tuning opvn file. 

Big thanks to kamoj and Voxel for helping.

rafamars

kamoj
kamoj's picture
I looked at some open code

I looked at some open code and I think it handles 2 different vpn providers. But don't remember the other one. Sorry.
Maybe it will not permit high security either to adapt to us laws on encryption limitations.

kamoj
kamoj's picture
I now get 88 Mbps download

enlightenedI now get 88 Mbps download with Voxels FW V1.0.2.50SF - without having to do any own tuningyes.

Thank you Voxel for another great release! laugh

Voxel
Voxel's picture
Well, you know that your part

Well, you know that your part of job is there too ;-)

Voxel.

VicB
VicB's picture
Hi There,

Hi There,

I have an R7800, and am new to flashing the router so this will be my first time.  I really only want 2-3 devices running on the VPN for streaming, and the rest of the traffic should go directly via the ISP.  After doing as much reading as I can, and admittedly most of it is above my understanding of networking, it looks like I will be able to achieve what I want by creating a guest network that tunnels all VPN traffic, with the rest of the traffic unchanged as normal.

I have found clear instructions on how to achieve this using ddwrt, but not Voxel's firmware yet.  I want to install Voxel to begin with, as based on feedback it does seem to be the best firmware regarding speed by using the majority of the original source firmware code from Netgear.  

@Voxel would this setup (2 x wireless networks, one to tunnel VPN traffic and one without) be possible on the Voxel firmware?  If anyone knows it would be greatly appreciated.

PS with Netgear now releasing the VPN client functionality finally, it still doesn't allow me to create two networks as described above, or am I missing something?

Thanks for assisting.

Voxel
Voxel's picture
I have an R7800, and am new

I have an R7800, and am new to flashing the router so this will be my first time.  I really only want 2-3 devices running on the VPN for streaming, and the rest of the traffic should go directly via the ISP.

 

I'd rather say that your goal is clear, but using guest network for bypasing VPN is IMO something overcomplicated. There is an article

 

https://www.myopenrouter.com/article/how-set-openvpn-client-netgear-r780...

with p. 

Bypassing OpenVPN client tunnel (Thank you, kinakuta)

re: how to bypass VPN for concrete IPs. Probably it is what you need. I cannot say that it is easy with my version, but we have what we have. And XunilinuX did very good job.

 

Voxel.