SG Broadband Community

SG Broadband Community. Everything you'd like to know about Cable Modems, DSL, Satellite, Networking, Security, Wireless, Routers and more.
https://www.speedguide.net/forums/

VPN Tweaks

https://www.speedguide.net/forums/viewtopic.php?t=287414

Page 1 of 1

VPN Tweaks

Posted: Sun Apr 16, 2017 6:09 am
by MagikMark
Hi Philip!

I have a question on VPN:

UDP Connection
Speed is initially fast, almost 100% of my subscribed speed. However, it would burst down to around 50% of my subscribed speed then it gets stuck in there. It doesn't burst back to 100%. I think it's suppose to burst up and down. This is using Internet download manager for large files. 1G and above

TCP Connection
Speed is fast. It would burst down then back to 100% of my subscribed speed. It bursts up and down

All a long I thought UDP connection is suppose to be faster. Is there something that I'm missing here? Is there something that needs to be tweaked? Is there a setting in NIC that needs to be changed?

Thanks a lot

Posted: Sun Apr 16, 2017 8:12 pm
by Philip
Hi Mark,

Some networks restrict the speed on certain protocols... Generally you are right, UDP is supposed to be faster with stable connections, as it does not wait for acknowledgements, it is a stateless protocol.
It is very dependent on what type of client and OS you use also, if you use OpenVPN increasing the "sndbuf" and "rcvbuf" may help.

As far as the Network Adapter tweaks, I would look into generally turning off any "Offloads" and "Power Saving" features, there is some info on tweaking network adapter settings on the main site here: http://www.speedguide.net/articles/netw ... ation-3449

I hope this helps

Posted: Sun Apr 16, 2017 9:05 pm
by MagikMark
Thanks for the input

Under NIC optimization it is suggested that IPv4/TCP/UDP Checksum Offload should be "enabled". Shall I disable this as you have recently suggested?

Windows 10 RS 2 is out. Are there any optimization to look at?

Posted: Mon Apr 17, 2017 10:00 am
by Philip
I would disable checksum offload as well if you are having issues. I am not aware of any changes to the TCP/IP stack in Windows 10 Creators update, it's mostly cosmetic/gaming/continuum improvements afaik. I'll look into it in detail when I get a chance.

Posted: Fri Apr 21, 2017 7:33 pm
by MagikMark
Philip,

I may have found the culprit. It turns out changing my DNS from google to Neustar fixed it. I'm now getting 90% of my subscribed speed in UDP port using openvpn

Do you happen to know why dns has influence on udp speed?

Posted: Sat Apr 22, 2017 10:13 am
by Philip
Interesting... Not sure, DNS is theoretically used only for name resolution, i.e. when domains you are downloading from need to be resolved to IP addresses, not during transfers. The information is then cached locally as well.

There could be some type of prioritization by your VPN provider, they may give lower priority to clients using different DNS servers. Can you replicate this, i.e. what happens if you go back and forth between Google, your ISP's DNS, and your VPN provider's DNS ?

What about these third party DNS servers ? (you don't have to test all, just some other options for testing)
Level3
209.244.0.3
209.244.0.4

Open DNS
208.67.222.222
208.67.220.220

Posted: Mon Apr 24, 2017 7:17 pm
by MagikMark
Philip,

Can you recommend a reasonable MTU for openvpn connections?

Posted: Mon Apr 24, 2017 10:13 pm
by Philip
I would run the TCP Optimizer (it has a MTU test, it should figure out the largest possible MTU)...

If you are setting "mssfix ...." in OpenVPN, it should generally be 40 less than the MTU value to allow for headers.

Posted: Tue Apr 25, 2017 2:45 am
by MagikMark
Thanks!

Posted: Wed Apr 26, 2017 11:40 pm
by MagikMark
Philip,

Can you see anything here worth tweaking:

Image

Posted: Thu Apr 27, 2017 11:18 am
by Philip
Looks fine, I wouldn't bother with it unless you're having issues.

Posted: Thu Apr 27, 2017 5:59 pm
by MagikMark
Thanks a lot

Posted: Sun Apr 30, 2017 9:24 am
by MagikMark
Philip,

VyperVPN app allows you to have openvpn mtu optimized by using their app. Their default is 1500. I ran mtu optimization feature 3x and I'm getting 1569. Is this unusual? So far website are snappier but the download speed for really large files is the same as mtu=1500

What are your thoughts? I though MTU is up to 1500 only

Posted: Mon May 01, 2017 11:18 am
by Philip
I wouldn't go over 1500, your packets will just get fragmented at some point (routers, etc.) and it takes more time for them to get forwarded. Even 1500 can't be handled under some circumstances (PPPoE DSL) because of the additional headers/protocol overhead.

Posted: Sun Jun 04, 2017 11:53 pm
by MagikMark
Philip,

I just need to be clarified. "OS /Router MTU" vs "tun MTU" are 2 different things? Is it possible to have bigger value for "tun MTU" and maintain the 1500 value for "OS & ROUTER"?

I have been experimenting with the Vypr VPN MTU. If I set the 'tun MTU" to 1500 I sometimes get incomplete websites. On the other hand if I set the "Vypr VPN MTU" to the optimized value of 1569 as the app suggested, I get complete website.

I'm kinda confuse with these two "MTUs"

Posted: Mon Jun 05, 2017 9:49 am
by Philip
It is fine to have the tunnel MTU larger than the router MTU I suppose, since the tunnel introduces more headers/overhead that need to be added to the standard 1500-byte packet.

Posted: Mon Jun 05, 2017 8:59 pm
by MagikMark
Thanks. That probably explains everything
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited