Pretty sure 1.6GHz ARM processor with 512MB of RAM can do better than 36Mbit/s with OpenVPN. If a TL-WR1043NDv2 can do better than that using a VPN proxy, that thing should be able to do twice that at the very least.
Yes, I am also surprised by this problem. In order to eliminate the cause of congestion during the peak period of Internet access, I also tested it in the early morning when the number of Internet users was low. The test result is the same as during the day, the computer openvpn client can reach 85mbps, and the router openvpn client is only 36mbps to 37mbps.
In addition, when I was testing the openvpn client of the router, I observed the "Status" tab of the router, and found that the router's cpu usage rate was only 24% at the highest, and the cpu temperature was as high as 69°C, which never reached 70°C.
Therefore, I suspect that there is a CPU power consumption adjustment module in the firmware, which limits the maximum temperature of the cpu or the maximum power consumption of the cpu, resulting in the speed of connecting to openvpn is limited to 36mbps
No, the kongac build to my knowledge does not support scrambled OpenVPN. This build support SoftEther.
China Mobile is the WORST ISP when it comes to censorship. Also latency is pretty horrible compared with other ISPs. I would recommend China Unicom which has good connectivity to Japan. China Telecom is OK too and has good connectib´vity to the StrongVPN Korea server. I do not know how well SoftEther works with China Mobile. China Unicom is not expensive or even free if you get a Unicom cell phone plan. So you could just not use China Mobile.
One thing you can try is to sign up for vpn.ac and try their browser plugins (SSL proxy) which work pretty well in China and see if you can get good speed when watching videos. Make sure to disable OpenVPN when you try.
Joined: 08 May 2018 Posts: 14125 Location: Texas, USA
Posted: Fri Dec 10, 2021 13:26 Post subject:
This is where I throw the flag of "using an old build without improvements comes with a price". It could also be due to the use of the scramble option, perhaps. The only way to know for sure is to try with a new build with another provider and compare as I doubt the scramble patch will be re-instated in DD-WRT anytime soon, if ever. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Also, have you looked at Wannaflix? They have a router setup. I would be curious how well that works.
I haven't tried the Wannaflix you mentioned, but I tried another VPN service provider, its name is ExpressVPN, it has a lot of servers and IP addresses, so the speed is very fast.
After waiting for my StongVpn contract to expire, I will switch to ExpressVPN.
This is where I throw the flag of "using an old build without improvements comes with a price". It could also be due to the use of the scramble option, perhaps. The only way to know for sure is to try with a new build with another provider and compare as I doubt the scramble patch will be re-instated in DD-WRT anytime soon, if ever.
I am curious to ask, why does DD-WRT no longer provide the Scramble option of the OpenVpn client after R30486? Is it just because the Scramble option will reduce the performance of OpenVpn on the router?
Joined: 04 Aug 2018 Posts: 1446 Location: Appalachian mountains, USA
Posted: Wed Dec 15, 2021 1:25 Post subject:
With a minimal config with only the OpenVPN client set up on a WRT1900ACSv2, I have maxed out my ISP's 200 Mbps download speed to an AirVPN server 1000 mi away using UDP4 transport and CHA-CHA-20 (with POLY1305 auth) as the cipher. So the router itself is fairly capable.
For an environment where VPNs are not permitted, AirVPN recommends users configure for TCP transport on port 443 (so that to the ISP it looks like an https connection) and TLS 1.2. (Their airvpn.org website uses TLS 1.3, but they assert that it offers no advantage over TLS 1.2 in a VPN configuration.) The use of TCP will necessarily result in a much lower speed. That unfortunate fact is "wired into" the TCP protocol and has nothing to do with any limitations of the router or the VPN provider. _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
With a minimal config with only the OpenVPN client set up on a WRT1900ACSv2, I have maxed out my ISP's 200 Mbps download speed to an AirVPN server 1000 mi away using UDP4 transport and CHA-CHA-20 (with POLY1305 auth) as the cipher. So the router itself is fairly capable.
For an environment where VPNs are not permitted, AirVPN recommends users configure for TCP transport on port 443 (so that to the ISP it looks like an https connection) and TLS 1.2. (Their airvpn.org website uses TLS 1.3, but they assert that it offers no advantage over TLS 1.2 in a VPN configuration.) The use of TCP will necessarily result in a much lower speed. That unfortunate fact is "wired into" the TCP protocol and has nothing to do with any limitations of the router or the VPN provider.
I have tried the port 443 and TLS1.2 you mentioned on my router. As far as the Chinese city I am located in, I cannot connect to a foreign VPN server.
At present, on my router, the only way to connect to the VPN server normally is to use the OpenVpn protocol with the Scramble option, and the port option must be set to the TCP port (if UDP port is tried, the connection will fail).