Jump to content
Not connected, Your IP: 18.117.70.64
ghulands

max 30-40 mbps per connection :-(

Recommended Posts

Hi,

I am having trouble getting anything beyond 30-40 mbps over each vpn connection to AirVPN. I am connected to Sabik, Aquila, Merope, Chalawan and Alkes. I have attached traceroutes below. I am connect to Comcast Xfinity 1gbps/35mbps and have tested the speed to non-Comcast speedtest servers and hit around 850-950 mbps. I am using pfSense as my router/firewall with the 5 VPN connections as a gateway group. 

 

As you can see from the below traceroutes, there is no one common peering provider that could be throttling the connections. When I check the status page, all the servers I am connected to are below 50%.

 

Does anyone have any suggestions on how to improve performance?

 

Thanks in advance.

 

Aquila

 traceroute 199.249.223.132
traceroute to 199.249.223.132 (199.249.223.132), 64 hops max, 40 byte packets
 1  96.120.14.229 (96.120.14.229)  6.909 ms  7.498 ms  9.558 ms
 2  ae-101-rur02.tracy.ca.ccal.comcast.net (68.87.203.245)  7.884 ms  8.612 ms  6.920 ms
 3  ae-2-rur01.tracy.ca.ccal.comcast.net (162.151.165.133)  7.116 ms  15.038 ms  7.279 ms
 4  ae-62-ar01.sacramento.ca.ccal.comcast.net (68.87.202.73)  10.892 ms  14.858 ms  10.584 ms
 5  be-33667-cr01.9greatoaks.ca.ibone.comcast.net (68.86.93.25)  15.158 ms  14.159 ms  14.597 ms
 6  hu-0-12-0-1-pe03.11greatoaks.ca.ibone.comcast.net (68.86.83.130)  13.995 ms  14.255 ms  14.409 ms
 7  10ge5-10.core1.sjc2.he.net (64.62.153.169)  13.668 ms  13.510 ms  31.819 ms
 8  100ge2-1.core4.fmt2.he.net (184.105.213.158)  15.308 ms  14.560 ms  14.898 ms
 9  10ge1-1.core2.fmt2.he.net (184.105.213.190)  16.228 ms  15.666 ms  14.374 ms
10  quintex-alliance-consulting.gigabitethernet1-1-22.switch45.fmt2.he.net (64.62.151.122)  16.028 ms  18.430 ms  14.098 ms

Sabik

traceroute 199.241.147.38
traceroute to 199.241.147.38 (199.241.147.38), 64 hops max, 40 byte packets
 1  96.120.14.229 (96.120.14.229)  6.890 ms  7.200 ms  6.880 ms
 2  ae-101-rur02.tracy.ca.ccal.comcast.net (68.87.203.245)  6.713 ms  11.816 ms  10.626 ms
 3  ae-2-rur01.tracy.ca.ccal.comcast.net (162.151.165.133)  11.970 ms  7.715 ms  9.854 ms
 4  ae-62-ar01.sacramento.ca.ccal.comcast.net (68.87.202.73)  9.998 ms  10.238 ms  10.715 ms
 5  be-33667-cr01.9greatoaks.ca.ibone.comcast.net (68.86.93.25)  15.359 ms  15.864 ms  15.024 ms
 6  be-12578-pe04.9greatoaks.ca.ibone.comcast.net (68.86.88.18)  14.210 ms  13.916 ms  15.270 ms
 7  173.167.58.210 (173.167.58.210)  13.906 ms  22.063 ms  19.085 ms
 8  et-0-0-53.cr3-lax2.ip4.gtt.net (213.254.230.254)  21.278 ms
    et-0-0-59.cr3-lax2.ip4.gtt.net (89.149.130.94)  25.055 ms
    et-0-0-53.cr3-lax2.ip4.gtt.net (213.254.230.254)  21.361 ms
 9  gtt-gw-cr1.lax.ipv4.hugeserver.com (173.205.61.22)  36.975 ms  26.388 ms  21.289 ms
10  cs1.lax3.hugeserver.com (199.244.116.2)  21.916 ms  22.561 ms  22.843 ms
11  ts-a2.lax3.hugeserver.com (199.244.116.38)  31.366 ms  23.181 ms
    ts-a2.lax3.hugeserver.com (199.244.116.42)  25.751 ms

Merope

traceroute 199.241.146.165
traceroute to 199.241.146.165 (199.241.146.165), 64 hops max, 40 byte packets
 1  96.120.14.229 (96.120.14.229)  8.540 ms  6.645 ms  9.137 ms
 2  ae-101-rur02.tracy.ca.ccal.comcast.net (68.87.203.245)  7.587 ms  13.024 ms  7.294 ms
 3  ae-63-ar01.fresno.ca.ccal.comcast.net (68.87.202.81)  9.988 ms  14.106 ms  9.804 ms
 4  be-33667-cr02.losangeles.ca.ibone.comcast.net (68.86.93.37)  18.319 ms  22.689 ms  19.100 ms
 5  be-11599-pe01.losangeles.ca.ibone.comcast.net (68.86.84.194)  16.724 ms  17.495 ms  19.552 ms
 6  173.167.58.202 (173.167.58.202)  15.930 ms  14.180 ms  17.451 ms
 7  gtt-gw-cr1.lax.ipv4.hugeserver.com (173.205.61.22)  16.442 ms  25.491 ms  21.071 ms
 8  cs2.lax3.hugeserver.com (199.244.116.6)  22.874 ms  22.532 ms  23.831 ms
 9  ts-a2.lax3.hugeserver.com (199.244.116.38)  15.475 ms
    ts-a2.lax3.hugeserver.com (199.244.116.42)  22.195 ms
    ts-a2.lax3.hugeserver.com (199.244.116.38)  26.513 ms

Chalawan

traceroute 193.37.254.21
traceroute to 193.37.254.21 (193.37.254.21), 64 hops max, 40 byte packets
 1  96.120.14.229 (96.120.14.229)  8.768 ms  8.622 ms  9.836 ms
 2  ae-101-rur02.tracy.ca.ccal.comcast.net (68.87.203.245)  13.187 ms  8.569 ms  9.880 ms
 3  ae-63-ar01.fresno.ca.ccal.comcast.net (68.87.202.81)  17.153 ms  13.450 ms  15.749 ms
 4  be-33667-cr02.losangeles.ca.ibone.comcast.net (68.86.93.37)  21.875 ms  22.763 ms  17.545 ms
 5  be-11580-pe02.losangeles.ca.ibone.comcast.net (68.86.82.34)  19.856 ms  20.926 ms  17.430 ms
 6  50.248.118.218 (50.248.118.218)  19.749 ms  22.697 ms  18.950 ms
 7  m247-ic-337209-las-b24.c.telia.net (80.239.130.169)  18.050 ms  44.893 ms  49.411 ms
 8  xe-0-0-44-0.agg1.lax1.us.m247.com (185.206.226.111)  36.361 ms  27.662 ms  43.968 ms
 9  vlan2909.as09.lax1.us.m247.com (193.9.115.169)  16.797 ms  21.272 ms  22.041 ms

Alkes

 traceroute 199.241.146.181
traceroute to 199.241.146.181 (199.241.146.181), 64 hops max, 40 byte packets
 1  96.120.14.229 (96.120.14.229)  8.525 ms  6.801 ms  7.898 ms
 2  ae-101-rur02.tracy.ca.ccal.comcast.net (68.87.203.245)  7.295 ms  8.537 ms  7.671 ms
 3  ae-63-ar01.fresno.ca.ccal.comcast.net (68.87.202.81)  9.595 ms  10.413 ms  11.040 ms
 4  be-33667-cr02.losangeles.ca.ibone.comcast.net (68.86.93.37)  20.036 ms  21.371 ms  18.314 ms
 5  be-11599-pe01.losangeles.ca.ibone.comcast.net (68.86.84.194)  17.196 ms  15.087 ms  21.605 ms
 6  173.167.58.202 (173.167.58.202)  18.575 ms  18.719 ms  18.574 ms
 7  gtt-gw-cr1.lax.ipv4.hugeserver.com (173.205.61.22)  16.056 ms  16.053 ms  17.202 ms
 8  cs2.lax3.hugeserver.com (199.244.116.6)  18.965 ms  17.987 ms  17.022 ms
 9  ts-a2.lax3.hugeserver.com (199.244.116.38)  18.400 ms
    ts-a2.lax3.hugeserver.com (199.244.116.42)  16.416 ms
    ts-a2.lax3.hugeserver.com (199.244.116.38)  17.009 ms

 

Share this post


Link to post

Hi,

 

Are you running OpenVPN on your desktop PC, laptop, tablet, router?

What is the CPU?

 

"I am using pfSense as my router/firewall with the 5 VPN connections as a gateway group."

 

The cpu is 

Intel(R) Atom(TM) CPU C3758 @ 2.20GHz
Current: 1700 MHz, Max: 2200 MHz
8 CPUs: 1 package(s) x 8 core(s)
AES-NI CPU Crypto: Yes (active)

Hardware crypto:	AES-CBC,AES-XTS,AES-GCM,AES-ICM

The box also has 32GB of ram and an SSD.

 

CPU usage when running a speed test or any other load never really puts the machine over 8%.

Share this post


Link to post

Hello!

 

Xfinity enforces traffic shaping, please check their policy. Normally OpenVPN with UDP is shaped most of the time for all broadband users, according to dozens of reports we have.

 

According to several customers of ours, the best throughput is obtained via tls-crypt connection in TCP to port 443 (in AirVPN, you get this connection mode to VPN servers entry-IP address 3 - OpenVPN 2.4 or higher version is required).

 

This connection mode has the ability to circumvent any specific shaping against OpenVPN and UDP, so you will remain subjected only to the general limitations and traffic shaping policies (and of course congestion, if any) enforced by Xfinity.

 

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...