Posted: Wed Nov 23, 2022 15:05 Post subject: [Solved] OpenVPN latency problems
hello friends, please give me some advice or experience.
I'm using a DDWRT openVPN server, the router is a bit older but I'm the only one using the VPN (one device) so it should handle it... speed around 10-20Mb/s on UDPv4. Downloading YouTube and sites is fine, I've been using it for a long time... Unfortunately, I noticed that I have a problem with a few things. For example, a Messenger call is always disconnected after 40 seconds, a Telegram call is also disconnected, but much earlier. I can't play Fortnite either, I get to the menu but it fails to connect to the game.
I want to ask, is this normal with OpenVPN or do I have a problem? I think the settings should be correct if everything else works. I use DNS from google with the push command or something like that. I tried switching it to TCP but had the same problem. It's the same on multiple networks (different wifi).
Has anyone encountered this? can you advise I don't know if it's the device, OpenVPN or just the settings. I haven't tried Wireguard. I'm connecting from an Android device.
Thanks for any advice, tips or comments. I'll try everything because I'm not that good at it. Thank you very much
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Wed Nov 23, 2022 15:58 Post subject:
When some sites work through a VPN and others don't, the issue is nearly always that the failing sites have policies against allowing users who are using VPNs. They don't like that their surveillance is hampered, and in some cases like streaming sites there are licensing agreements restricting users to a geographical region. VPNs mean location unknown, so they simply disallow them. _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Joined: 18 Mar 2014 Posts: 12889 Location: Netherlands
Posted: Wed Nov 23, 2022 16:45 Post subject:
I will move this thread to the more appropriate Advanced Networking forum, see the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
What router and what build are you using?
As already noted by @SurprisedItWorks it can be that some providers block VPN's, the block can kick in after some seconds. Or providers which use IPv6 only.
I will move this thread to the more appropriate Advanced Networking forum, see the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
What router and what build are you using?
As already noted by @SurprisedItWorks it can be that some providers block VPN's, the block can kick in after some seconds. Or providers which use IPv6 only.
Other causes can be the use of Shortcut Forwarding Engine (SFE) on Basic Setup page or MTU too high.
latest firmware.
Push Client Route: Default Gateway
Netmask: 255.255.255.0
Server Mode: Router(TUN)
Compression: Disabled
Inbound Firewall on TUN: not checked
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
I will also mention that, for example, in the past in League of Legends (PC) I normally log in. When I turn on the league of legends game search, the hero selection starts normally, but after selecting the heroes, the game does not load anymore. When I downloaded the program and installed the "WTFast" program, suddenly LoLko was working normally.
Unfortunately you only have SFE, Broadcom routers have another Acceleration option but for you it is end of line.
Anyway glad it is solved
it can be seen that you are familiar with it.
I want to ask, do you have any recommendations for a router? so that it is not too expensive, such a golden middle ground and that it is supported by DDWRT. Preferably something primarily for VPN and not a very old model.
Joined: 16 Nov 2015 Posts: 6439 Location: UK, London, just across the river..
Posted: Thu Nov 24, 2022 16:18 Post subject:
egc wrote:
Second hand NetGear R7800 if you can get one.
Yep R7800 is the best price/support/performance router around... or its re-boxed version XR500
And yes 1043v2 is great buddy, but lacks of lots of things and has a slow CPU especially for VPN server and client at the same time... + ssl is missing on it... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
ssl missing on it, what does it mean? After all, TLS is good too, right? it is also used in Windowsi think
If I don't have SSL, the VPN is relatively safe, right?
I don't use password and name in OpenVPN, I read somewhere that it is not good from the security point of view.. do you think it is a mistake?
Otherwise, a long time ago, I had the MTU at 1400, but then the PC and the logs in ddwrt gave me some kind of warning... I suspect that it told me that the server and client do not have the same set MTU and that the default is 1500, and that's why I switched to 1500.. .I think I had the MTU set correctly but it just said not at the value of 1400 :/
Today I tried youtube in 1440p and 2160p (mobile) and both had no problem with youtube... Twitch also without problem.
I am afraid that I will mess something up if I change the MTU to 1400 on the client and server. :'(