So…I signed up for NordVPN. I set up an OpenVPN client in the router. I also set it up on my laptop. When I run the laptop application, I get around 80-90 Mbps. When I run the OpenVPN on the router, I get 10-15 Mbps.
Thinking it’s the OpenVPN client, I also signed up for Surfshark. I set up a Wireguard client on the router and installed the app on my laptop. The speeds I got on my laptop were roughly the same as NordVPN. When using the Wireguard client on the router, the speeds were about the same as the OpenVPN client.
Is there something wrong with my setup? Is there something else I need to do to get this to work properly or is this a limitation of the router itself?
For reference, what is your internet speed on the laptop without a VPN running on the laptop or the router? The MT3000 should be able to handle 80-90 Mbps on both OpenVPN and WireGuard protocols. Do you have any additional services running on your MT3000 like Smart Queue Management in Luci?
Without the VPN, I get between 80 and 200 Mbps. I am not sure about Smart Queue management. How do I check for that?
Smart Queue Management is not set up by default and you would need to set it up manually. My best guess is going to be MTU size. It is the size of each packet of data sent over the VPN tunnel. If it is poorly configured in the router config file but properly handled in the app then you’d be experiencing the same symptoms you’re experiencing now.
The best way to test for this is to turn on the VPN on your router and ping something to see if it makes it.
For Windows you’re going to want to open Command Prompt/Powershell/Terminal (depending on which you have) and run the command: ping 8.8.8.8 -f -l 1500
(the “-l” is a lowercase “L”) The prompt will likely say “Packet needs to be fragmented but DF set.”
Then subtract 28 from 1500 (1472) and try again. When your pings go through it means you’ve met an MTU size that works. Add one back at a time (1472+1=1473) until it fails again. The largest size that worked plus 28 is the size that you should set your MTU (1500 is the max for ethernet, but there’s a 28 byte overhead, hence the first option that could possibly work is 1472, and if you have pppoe there’s an additional 8byte overhead)
If you have a MacOS laptop your process will be different but I can provide them if needed.
Thanks for the response. I followed your instructions. When I used 1500, I got the packet needs to fragmented error. When I changed it to 1472, the pings went through. When I changed it to 1473, I got the defrag error again. That implies that an MTU of 1500 is good, right?
When I looked at the config file, the setting for MTU was 1500 so I don’t think that’s the problem.
Sorry to hear that didn’t help. Unfortunately I don’t have any better suggestions. The only other things I could really suggest is making sure hardware acceleration is turned on, IPv6 is turned off, and your firmware is up-to-date. I wasn’t experiencing any of your symptoms when I tested it on my own MT3000 using NordVPN.
Are you using the same VPN server on both the laptop and the router? I wonder if the server is possibly limiting the speed?
I did some more thorough testing. The issue was between two different servers. When connected to the same server both ways, speeds were comparable.
Thanks for your help.
1 Like