[SOLVED] Why is download speed 10X faster with VPN?

Started by Johnborrowman, February 05, 2024, 04:56:26 PM

Previous topic - Next topic
February 05, 2024, 04:56:26 PM Last Edit: February 11, 2024, 06:41:00 PM by Johnborrowman
I don't know much about networking so I apologize in advance if this is a stupid question, but can anyone help me figure out why my download speed is so slow without a VPN? I'm averaging about 120Mbps without, and 1200Mbps with. Fresh install of Opnsense on an Optiplex i5/16gb ram. Thanks in advance!

We would need more information to make a guess.

What is your location?

What is the VPN server location?

Which VPN software are you using?

I can't imagine a scenario where the real speed is higher with a VPN, but I'll be happy to be instructed.
My guess is that is just a reporting artifact.
What is your actual ISP-contracted "speed" ,bandwith is probably more accurate.

One idea: PMTUd problems without the VPN that go away because the VPN used uses a smaller MTU.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

iperf or it didn't happen?
kind regards
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....

Thank you everyone for the fast replies.

I am based in the Roanoke, VA area. I currently using the paid version of ProtonVPN, with servers typically in NYC, Richmond, and Miami and download speeds typically between 1000-1200Mbps. I pay for 1200/40 from XFinity. When taking the test at the modem this is consistently what I get.

When taking the test on a wireless device, with VPN it's typically 440Mbps down/40 up, and the same 120Mbps or so without VPN. On a wired device, it's the full ~1100 with/~120 without. iPerf tests on both wireless/wired devices show no difference with the VPN on/off, and have the full expected bandwidth regardless.

So far I've tried another fresh install of 24.1, changing DNS servers to Cloudflare/google/ISP, enabling/disabling Zenarmor, and various combinations of hardware offloading settings.

I can't think of anything else to try or test but am open to any suggestions.

Ah, context is everything.
As I read it, faster on VPN over WiFi than without. Are you using the VPN from OPN as client for the whole LAN network, or are you using their app on the device and then that going over the Wifi?
The better you describe the setup, the better it can be understood what might be at play.

Oh my bad! I'm using the standalone VPN client provided by ProtonVPN. I use it on and off my home network completely independently of OPNSense. I have not done any customization to OPNSense at all, and have not set up any VPN client/server through the router.

I think you have it right, but just to clarify: While at home on the network managed by my OPNSense router, on a wired or WiFi connection, the download speed is significantly faster WITH the ProtonVPN connected.

Please feel free to ask any other questions and I can specify further. I'm not really sure what other details would be helpful. Thanks!

P.S. I briefly looked into MTU sizes, but I'm not really sure what I'm looking for. The router is set to the default value of 1500.

Right, sorry, can't tell. A glance at their pages seems to suggest they have a technology available called VPN Accelerator. "Can increase speeds by over 400% in certain situations, is free to all ProtonVPN users, and is enabled by default in all our apps.."
I'd say as long as your speeds are within your ISP provided package, OPN is doing fine.
Why within that envelope there are differences between in and out of provider VPN, that is something interesting for sure, but maybe better answered by them? Outside your network that envelope will be that of your Mobile (Cellular) network of course.

February 07, 2024, 03:03:52 PM #10 Last Edit: February 07, 2024, 03:08:15 PM by Johnborrowman
Proton does have the VPN accelerator yes. In this case though, it's really about the router. I have 1200Mbps coming into the router, and 90% of that throughout is disappearing. Using the VPN seems to be a bandaid of sorts, but it's not a viable solution for most of my family.

What I'm really trying to figure out is where 90% of the download speed is going during normal use.

Also I'm sorry I didn't clarify earlier: 1200/40 was referring to 1200 download/40 upload. 100Mbps is absolutely not viable for us as we have 70+ devices on the WiFi, and multiple people streaming classes/meetings/working remotely. The ISP is consistently supplying 1200Mbps into the router, OPN is just eating it somewhere.

Ok this is beginning to make sense. The VPN side of the question could be an aside. As I said before it could be a misreporting artifact. You can not have more bandwith than what your ISP is giving you, and that is 1200/40.
This out of the way, and you think you are not getting your 1200/40 - please DO NOT INCLUDE VPNs in this-, then you need to start from the the beginning. Be methodical.
Do a baseline. Both wired and wireless.
Describe your WAN setup. Of interest is if you are you using PPoE ?
Describe your LAN setup. Any switches, any VLANs, etc.
Remove any packet filter services like Suricata or Zenarmor.
From a wired client, do iperfs or similar speed tests across your OPN router, not from it, to be sure.
Same for wireless. What you are after is establishing, as the most vanilla setup, your actual bandwith.

Alrighty, I can do that.

WAN: Xfinity → Personal Modem (Arris S33v2) → TPLink 2.5Gb PCIe (TX201)
LAN: 10Gb PCIe (10Gtek X540) → Yuanley 8 Port 2.5Gb switch (10Gb SFP input)
(OPN dashboard shows 2500/10Gbase-T full-duplex uplinks respectively)

No PPoE for WAN, DHCPv4/v6 servers for LAN
Fresh install of OPNSense 24.1 - Suricata/Zenarmor disabled

No VPN for any of the following:

Speedtest (speedtest.net/fast.com average over multiple)
Taken at Modem - 1139Mbps
Wireless - 98Mbps
Wired - 170Mbps

iPerf between 1 wired and 1 wireless device on the network, 987Mbps
iPerf between 2 wired devices on the network, 2.34Gbps

Right then. So the question is why you only get 170 Mbps on LAN when your WAN is 1.2 Gbps. There's a modem in front of OPN. Did I get it right?
Here I'm going to be even less helpful and defer to more knowledgeable people on these setups. Probably time to visit the MTU settings between the two as suggested by Patrick.

That's the million dollar question haha. That's correct though, there is a modem in front of OPN. I get the full 1200Mbps when connecting a laptop directly to the modem. As soon as I stick OPN in, I get the 90% loss.