[SOLVED]China connection VPN server problem

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)
Goto page Previous  1, 2, 3, 4  Next
Author Message
zhuli66
DD-WRT User


Joined: 03 Dec 2021
Posts: 58

PostPosted: Fri Dec 10, 2021 5:05    Post subject: Reply with quote
kernel-panic69 wrote:
Pretty sure 1.6GHz ARM processor with 512MB of RAM can do better than 36Mbit/s with OpenVPN. If a TL-WR1043NDv2 can do better than that using a VPN proxy, that thing should be able to do twice that at the very least.





Yes, I am also surprised by this problem. In order to eliminate the cause of congestion during the peak period of Internet access, I also tested it in the early morning when the number of Internet users was low. The test result is the same as during the day, the computer openvpn client can reach 85mbps, and the router openvpn client is only 36mbps to 37mbps.

In addition, when I was testing the openvpn client of the router, I observed the "Status" tab of the router, and found that the router's cpu usage rate was only 24% at the highest, and the cpu temperature was as high as 69°C, which never reached 70°C.

Therefore, I suspect that there is a CPU power consumption adjustment module in the firmware, which limits the maximum temperature of the cpu or the maximum power consumption of the cpu, resulting in the speed of connecting to openvpn is limited to 36mbps
Sponsor
whitefish
DD-WRT Novice


Joined: 25 Jun 2011
Posts: 36

PostPosted: Fri Dec 10, 2021 8:08    Post subject: Reply with quote
No, the kongac build to my knowledge does not support scrambled OpenVPN. This build support SoftEther.

China Mobile is the WORST ISP when it comes to censorship. Also latency is pretty horrible compared with other ISPs. I would recommend China Unicom which has good connectivity to Japan. China Telecom is OK too and has good connectib´vity to the StrongVPN Korea server. I do not know how well SoftEther works with China Mobile. China Unicom is not expensive or even free if you get a Unicom cell phone plan. So you could just not use China Mobile.
whitefish
DD-WRT Novice


Joined: 25 Jun 2011
Posts: 36

PostPosted: Fri Dec 10, 2021 8:20    Post subject: Reply with quote
One thing you can try is to sign up for vpn.ac and try their browser plugins (SSL proxy) which work pretty well in China and see if you can get good speed when watching videos. Make sure to disable OpenVPN when you try.
whitefish
DD-WRT Novice


Joined: 25 Jun 2011
Posts: 36

PostPosted: Fri Dec 10, 2021 8:57    Post subject: Reply with quote
Also, have you looked at Wannaflix? They have a router setup. I would be curious how well that works.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 12463
Location: Texas, USA

PostPosted: Fri Dec 10, 2021 13:26    Post subject: Reply with quote
This is where I throw the flag of "using an old build without improvements comes with a price". It could also be due to the use of the scramble option, perhaps. The only way to know for sure is to try with a new build with another provider and compare as I doubt the scramble patch will be re-instated in DD-WRT anytime soon, if ever.
_________________
Official Forum Rules, Guidelines & Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware‽
DON'T use Chromium-based browsersRTFM/STFW TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is‽
Please DO NOT PM me with questions; Ask in the forum. ---------------------- Linux User #377467 counter.li.org / linuxcounter.net
zhuli66
DD-WRT User


Joined: 03 Dec 2021
Posts: 58

PostPosted: Sat Dec 11, 2021 16:58    Post subject: Reply with quote
whitefish wrote:
Also, have you looked at Wannaflix? They have a router setup. I would be curious how well that works.



I haven't tried the Wannaflix you mentioned, but I tried another VPN service provider, its name is ExpressVPN, it has a lot of servers and IP addresses, so the speed is very fast.
After waiting for my StongVpn contract to expire, I will switch to ExpressVPN.
zhuli66
DD-WRT User


Joined: 03 Dec 2021
Posts: 58

PostPosted: Sat Dec 11, 2021 17:28    Post subject: Reply with quote
kernel-panic69 wrote:
This is where I throw the flag of "using an old build without improvements comes with a price". It could also be due to the use of the scramble option, perhaps. The only way to know for sure is to try with a new build with another provider and compare as I doubt the scramble patch will be re-instated in DD-WRT anytime soon, if ever.



I am curious to ask, why does DD-WRT no longer provide the Scramble option of the OpenVpn client after R30486? Is it just because the Scramble option will reduce the performance of OpenVpn on the router?
zhuli66
DD-WRT User


Joined: 03 Dec 2021
Posts: 58

PostPosted: Tue Dec 14, 2021 12:43    Post subject: Reply with quote
Everyone actively speak。
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 12463
Location: Texas, USA

PostPosted: Tue Dec 14, 2021 17:26    Post subject: Reply with quote
Perhaps it was removed inadvertently, or there may have been a lack of continued support upstream, no idea. I will inquire within.

https://svn.dd-wrt.com/search?q=scramble

_________________
Official Forum Rules, Guidelines & Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware‽
DON'T use Chromium-based browsersRTFM/STFW TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is‽
Please DO NOT PM me with questions; Ask in the forum. ---------------------- Linux User #377467 counter.li.org / linuxcounter.net
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1328
Location: Appalachian mountains, USA

PostPosted: Wed Dec 15, 2021 1:25    Post subject: Reply with quote
With a minimal config with only the OpenVPN client set up on a WRT1900ACSv2, I have maxed out my ISP's 200 Mbps download speed to an AirVPN server 1000 mi away using UDP4 transport and CHA-CHA-20 (with POLY1305 auth) as the cipher. So the router itself is fairly capable.

For an environment where VPNs are not permitted, AirVPN recommends users configure for TCP transport on port 443 (so that to the ISP it looks like an https connection) and TLS 1.2. (Their airvpn.org website uses TLS 1.3, but they assert that it offers no advantage over TLS 1.2 in a VPN configuration.) The use of TCP will necessarily result in a much lower speed. That unfortunate fact is "wired into" the TCP protocol and has nothing to do with any limitations of the router or the VPN provider.

_________________
Six Linksys WRT1900ACSv2 routers on 48141: VLANs, VAPs, NAS, client mode, OpenVPN client (AirVPN), DDNS, wireguard servers and clients (AzireVPN), three DNSCrypt DNS providers (incl Quad9) via VPN clients.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 12463
Location: Texas, USA

PostPosted: Wed Dec 15, 2021 7:22    Post subject: Reply with quote
Scramble option should be returned in the next release:

https://svn.dd-wrt.com/changeset/47850

_________________
Official Forum Rules, Guidelines & Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware‽
DON'T use Chromium-based browsersRTFM/STFW TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is‽
Please DO NOT PM me with questions; Ask in the forum. ---------------------- Linux User #377467 counter.li.org / linuxcounter.net
zhuli66
DD-WRT User


Joined: 03 Dec 2021
Posts: 58

PostPosted: Wed Dec 15, 2021 12:31    Post subject: Reply with quote
SurprisedItWorks wrote:
With a minimal config with only the OpenVPN client set up on a WRT1900ACSv2, I have maxed out my ISP's 200 Mbps download speed to an AirVPN server 1000 mi away using UDP4 transport and CHA-CHA-20 (with POLY1305 auth) as the cipher. So the router itself is fairly capable.

For an environment where VPNs are not permitted, AirVPN recommends users configure for TCP transport on port 443 (so that to the ISP it looks like an https connection) and TLS 1.2. (Their airvpn.org website uses TLS 1.3, but they assert that it offers no advantage over TLS 1.2 in a VPN configuration.) The use of TCP will necessarily result in a much lower speed. That unfortunate fact is "wired into" the TCP protocol and has nothing to do with any limitations of the router or the VPN provider.




I have tried the port 443 and TLS1.2 you mentioned on my router. As far as the Chinese city I am located in, I cannot connect to a foreign VPN server.

At present, on my router, the only way to connect to the VPN server normally is to use the OpenVpn protocol with the Scramble option, and the port option must be set to the TCP port (if UDP port is tried, the connection will fail).
zhuli66
DD-WRT User


Joined: 03 Dec 2021
Posts: 58

PostPosted: Wed Dec 15, 2021 12:37    Post subject: Reply with quote
kernel-panic69 wrote:
Perhaps it was removed inadvertently, or there may have been a lack of continued support upstream, no idea. I will inquire within.

https://svn.dd-wrt.com/search?q=scramble



For the city I live in, this is the only successful way to connect to a foreign VPN server.
zhuli66
DD-WRT User


Joined: 03 Dec 2021
Posts: 58

PostPosted: Wed Dec 15, 2021 12:38    Post subject: Reply with quote
kernel-panic69 wrote:
Scramble option should be returned in the next release:

https://svn.dd-wrt.com/changeset/47850



okay, thank you!
blkt
DD-WRT Guru


Joined: 20 Jan 2019
Posts: 3897

PostPosted: Thu Dec 16, 2021 18:56    Post subject: Reply with quote
New Build - 12/16/2021 - r47853
Goto page Previous  1, 2, 3, 4  Next Display posts from previous:    Page 3 of 4
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.) All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum