I am currently running openvpn on my pc and getting 40-50Mbps download which is good. However when i run openvpn with DD-WRT on TP-Link WDR3600, speed decreased drastically to 4-5Mbps. While searching for alternatives, i came across the GL-AR300M router. My question is with this GL-AR300M or any other GLI router setup with openwrt and openvpn, will i get a better performance over the TP-Link? Need some advice before i go out and purchase one for a test.
Your OpenVPN performance has to do with a lot of parameters. The more robust the cpu and memory the better you will do, however virtually all devices in the consumer router class are just a fraction of the “brains” that you get in a modern PC. In addition the PC typically will have AES which is very important to support encryption, as it off loads the CPU.
I have a PC-Engines ALIX with a 500mhz AMD Geode and 256 MB RAM. It has 128-CBC AES on the chip. In the lab I maxed out at about 21Mbps. With a good connection in practice I can get mid teen numbers. It’s a server, so the actual throughput depends on the clients. PC is faster.
With my AR150 and I can get about 6-7 Mpbs so I would expect the AR300M to be able to do better as it has a 50% faster CPU and twice the memory. It’s also a number of years newer tech over the WDR-3600. My speed tests are generally limited by the connection at the “hot spot” so maybe worst case. I also use TAP and have a 50/10 service at the server.
I do not think you will get anywhere near PC performance on this class of HW.
Thanks for the input. Basically i’m searching for a budget solution that will give a stable download of around 10Mbps good enough for video streaming on my roku. Installing openvpn on a router seems to be the most direct method. Are there any other ways of accomplishing this below $100 without being too complicated?
I have found from testing that if you can manage at least 7 Mbps you should be able to get a good stream, at least on HD YouTube. I do not have a media player.
To the best of my knowledge all the devices in this class have a single radio and will perform noticeably faster if they only need to run it on one side. If you connect the WAN (Ethernet) to the outside world and connect either via LAN Ethernet (best) or just an AP (no bridge) to the Roku with a good service I think you should be able to hit the 10Mbps or at least close.
I happen to have a WDR-3600 and just use it for an AP and Guest LAN (running DD-WRT - Guest LAN is to hard on an AP in OpenWrt). As you already have this, you could use the AR 300M as the primary router, DHCP server & OpenVPN client and hang the WDR-3600 off the back as an AP (all via Ethernet). You can use it’s dual band wireless and GB ports to support your “backbone”. Not sure if disabling the wifi will help performance.
So basically you recommend splitting the load between AR300M and WDR3600, with AR300M handling the openvpn portion while WDR3600 runs the rest of the operation, to achieve a higher throughput? If this setup can get a stable 10Mbps download then i will definitely give it a go. Thanks alot.
It seems like the best option, though I make no guarantees.
Timing is everything. Followup with lost dog.
You can pile on a guest LAN too if you want. I think there is a DD-WRT tutorial for it someplace.
@genupup -
Overall the performance with the AR300M is pretty good. It’s not going to be as fast as a computer running OpenVPN or even a full size router with a 1.4GHz duel core processor but as far as I’m concerned for the size, flexibility and options I can’t see this being beat. In WISP mode connecting to my home wireless network and connected via LAN to my laptop I max out my 50 Mbs connection. Wireless to wireless in WISP mode is much less but I suspect it’s due to only one radio (looking forward to the 5Ghz addon!).
When running the AR300M as a OpenVPN client to my router at home it drops to ~6 Mbs - 12 Mbs. To me this is not that big of a deal as I’m using this as a secure connection from hotel / coffee shop public wifi when I travel for work. Typically they are slow to begin with so it’s not like I’d notice.
My only wish at this point would be able to use OpenVPN TAP interface rather than TUN. I can’t fault GLI too much on this as from what I understand it’s pretty tricky to make work with a client router.
For the price I’d say snag one and play around with it.
Thinking some more, I guess you can put the AR300M on either side of the WDR-3600. I suggested the front as it’s a simpler config. It probably would not make a difference in throughput to the rest of the network if you are under 100Mbps service.
You can also put the AR300M with OpenVPN behind the WDR-3600, but it’s more complicated. You would need to do some port forwarding though the TP-Link. I did this way back under DD-WRT so I think you can find the firewall rules written there. You would connect into the AR300M’s LAN port and need to kill DHCP (set a static IP or you will have issues accessing the AR300M). I do not think you really need to kill the firewall, but it’s probably the right thing to do.