Degraded WAN network performance with active vpn policies (GL-MV1000 / Brume)

d-m-c · March 6, 2022, 5:36pm

Hello all,

I have 900Mbps connection to xfinity

(WAN) Results of xfinity.speedtest.com without VPN active is ~700Mbps
(VPN) Results of speedtest.net with Wireguard active is ~265Mbps

When I activate VPN policies to say “this list bypasses VPN” using MAC addrs:

(WAN) xfinity test drops to ~425Mbps (-40% !)
(VPN) speedtest test drops to ~230Mbps (-12%)

Same results if the VPN policies rule is reversed, ie “this list goes through VPN”.
If I turn off VPN and VPN policies, i again get ~700Mbps on WAN

I guess I would expect a small performance hit for processing VPN policies, but losing 40% on the WAN seems excessive. Seems like the performance hit would be more similar for each interface

Thoughts ?

Thanks in advance

Firmware 3.203

alzhao · March 7, 2022, 9:52am

When you use vpn policy, the router disable hardware acceleration, causing the speed drop.

Even in your vpn policy you do not use vpn for certains devices, the router’s hardware acceleration is disabled.

d-m-c · March 7, 2022, 2:06pm

@alzhao thank you for the explanation. even though that’s unfortunate, I love the Brume more than going back to opnSense.

are there any gl-inet devices that don’t have this limitation ?