Joined: 04 Aug 2018 Posts: 1444 Location: Appalachian mountains, USA
Posted: Mon Aug 01, 2022 17:16 Post subject: insane wireguard speed on a WRT1900ACSv2
The question of how fast our VPN clients can go often arises. Well, here's an eye-popping wireguard datapoint from a WRT1900ACSv2 (build 49081) in the Los Angeles area, measured by timing the curl download to /dev/null, on the router itself to eliminate issues of wifi and LAN speed, of a 1 GB test file from San Jose (320 or so miles away) via AzireVPN's new and extremely lightly loaded Los Angeles server (us-lax.wg.azirevpn.net):
469 Mbps
via a nominally 400 Mbps ISP connection. I did "ifconfig oet1" and "wg show oet1" before and after so I could look at the RX bytes numbers to verify that the 1 GB really, really went through oet1 and wireguard. I also went back and downloaded the file for real so I could "ls -l" its exact size.
For purists putting that Azire IP into an IP lookup tool: The IP must have changed hands a couple of times recently, because some databases still show it in London or NYC. But my ping tests clearly show it's in the Los Angeles area, as the speed of light is rather famously limited.
So when we see middling speeds like 150 Mbps, we're looking at local-network limits (eg wifi) or tcp ack round-trip delay limits or a loaded server or ISP or maybe something else the router is doing to eat up the time. But the wireguard system itself is insanely fast, even on this five year old router!
And the 400 Mbps ISP speed was obviously stretched by the ISP for this burst. It happens. But it also means this is NOT necessarily the upper speed limit for wireguard on this router. We simply don't know the upper speed limit. But it's certainly fast enough for me.
Edit: I thought I was posting this in the Marvell forum, for fellow Linksys users. Oops! _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
That's the enormous benefit of having the VPN run in the kernel! Place other VPNs in the kernel (OpenVPN, PPTP, IPsec, etc.) and you'd see similar results.