Change outgoing TTL

These are settings I use on the client side (so my router that is logging in to the VPN “server”)

Please find attached. I masked my VPN Server IP. I attached 2 data sets. 1 where Puli is used as modem+VPN tethered to T-mobile device. No throttling in this scenario. 2nd scenario is where Puli is used for LTE+modem+VPN. Heavy throttling in this 2nd scenario that I’m trying to fix.

Thanks for your help. (462.5 KB)

When you say Puli is used as modem + VPN tethered which of these are you meaning?

Puli using internal VPN Client ----> Internet or
Puli ------> Separate Device as VPN Client ------>Internet

(Puli using internal VPN client) -------tethered to T-mobile device (phone/hotspot).

That’s core of my issue. If LTE and VPN are on same device (such as Puli), I get throttled. if I use LTE on T-mobile phone and VPN on Puli, I’m fine. I’m also fine if I use LTE on Puli and then VPN on Beryl router.

Seems a problem of mtu. Can you check the vpn mtu lower?

I have it set at 1280. What number do you suggest? Also, should this be set on 4gLTE config or WireGuard VPN Client settings?? Or both?

Edit: tried 1080, 880 for MTU - neither helped.

4G should set as 1428

Wireguard 1380

Just tried with these MTUs, didn’t work.

@ericsmith @alzhao

Here’s another data point: I have Inseego M2000 with TTL mod and it has exact same issue as GL-Inet Puli. When I configure OpenVPN client on M2000 device, speed crawls to 200KB/s. Inseego also runs OpeWRT. If I use M2000 w/out VPN and use that as tethering device and configure VPN on Gl-Inet Beryl or Puli, there’s no throttling.

Within the OpenWRT system, there’s some leak when 4g/5g and VPN are on ‘same’ device, T-Mobile targets and throttles.

I am more than sure it is mtu problem. But I cannot find a way to debug.

I’ve tried all settings from 800 to 1300 at 100 increments for MTU in 4G and Wireguard Client VPN settings. I’ve found no improvment. It’s stuck at 200kb/s.

What were the mtu settings you use for vpn and 4G at the same time?

I have some success :slight_smile:

I tried 1000 MTU on 4G and 800 MTU on WireGuard and started getting 8mbps up and 7mbps down. I am very pleased with this result. Earlier, I was trying setting both MTU to 800, 900, 1000 etc and it wasn’t working.

Thanks to your intuition, it was a MTU problem. Now I just need to calibrate the MTU to best speeds possible. I will have to further play with numbers, but I can perfectly live with these speeds for my use case. Thank you so much. Seems Puli likes much smaller MTU numbers with T-mobile and gap between 4G MTU and Witeguard MTU has to be large.

Any idea how to setup MTU for OpenVPN?

Carrier mtu should be 1428 or lower.

The gap between 4G and vpn mtu should be 48 and higher. So pls try 1428 and 1380. If not working adjust both slightly lower and bigger gap.

Pls also note vpn client should use lower mtu than vpn server, if you know the value.

OpenVPN should be able to set mtu in the vpn dashboard if you use firmware 4.x.

I think I may have set MTU setting on VPN servers really low (1280 - I don’t remember). That maybe why i am having issues with numbers you are suggesting (1428 and 1380) on client side and (1100 and 1000) are working. I will be traveling back to where the VPN server is next month and change the MTU value. I will set VPN servers to 1500 MTU next month and then I will try 1428 and 1380. Regardless, I’m good for now so thank you so much. Can’t wait for Puli AX product. Keep up the good work!

1 Like

Hello everyone, hope everybody is doing ok, I was thinking of creating a new post, I’d continue with this thread since it is also related, I have both MT1300 and AR750S, on the 3.216 firmware I was able to just copy/paste it under custom firewall rules but on 4.3.2 B1 firmware the interface is totally different, any idea on how to do it? thanks!. This is my first posr so take it easy on me :slight_smile:, still learning openwrt.

OpenWrt 22.03 changed a lot. To set up ttl in OpenWrt 22.03, pls use the following command

mkdir -p /usr/share/nftables.d/chain-pre/mangle_postrouting/
echo "ip ttl set 65" >  /usr/share/nftables.d/chain-pre/mangle_postrouting/01-set-tt
fw4 reload

The above command set ttl 65 to all interfaces


buenos dias tengo un rauter AR300M16 quiero compartir internet ilimitado desde mi moden 3hs pegue es la linea iptables -t mangle -I POSTROUTING 1 -j TTL --ttl-set 65 , pero sigue consumiendo datos de compartir, me pueden ayudar por favor

Want to inform TTL 65 doesn’t help get hotspot internet on ar300m and mt300v2 version 4 beta firmware (firewall fw4)

even if I set TTL 65 in modem manual configuration and also followed the new commands provided by alzhao

Checked mt3000 which has firewall fw3 works fine

I signed up to thank you for this. Excellent work!

1 Like