Site to site IPv6 wireguard vpn using GL.iNet Flint 2 router as a client: iPhone gets full speed, but other clients get very slow speeds (Flint 2 Client -> Slate AX Server)

Routers VPN, DNS, Leaks
1

Hello everyone,

I am facing a bizarre performance issue with my Site-to-Site WireGuard setup.

The Gist: My WireGuard tunnel is capable of full speed (proven by my iPhone), but my macOS devices—especially when connected via Ethernet—are getting unusable upload speeds and "stuttering" connection performance.

image
image2436×1202 411 KB

The Hardware Setup

  • Site A (Client - US): GL.iNet Flint 2 (MT6000)

    • Connection: IPv6 Native (Spectrum).

  • Site B (Server - Asia): GL.iNet Slate (AXT1800)

    • Connection: IPv6 Native (ISP uses CGNAT for IPv4 that's why I'm forced to use IPv6 VPN).

The Problem: Device Discrepancy

I have performed side-by-side tests connecting different devices to the Site A Flint 2 (Client Router).
All devices are connected to the Flint 2 (LAN or Wi-Fi) and routing traffic through the WireGuard tunnel to Site B.

Device Connection Type Download Upload Experience
iPhone 14 Pro Max Wi-Fi (5GHz, 80MHz) 91 Mbps 12 Mbps Smooth
MacBook Pro M1 Wi-Fi (5GHz, 80MHz) 67 Mbps 8 Mbps "Stuttering" speed test
Mac Mini (2018) Wired Ethernet 67 Mbps 2.9 Mbps "Stuttering" speed test

Observations

  1. The Tunnel is Fine: Since the iPhone gets ~91/12 Mbps, we know the Flint 2 can encrypt/decrypt fast enough and the ISP link is healthy.
  2. Wired is Worse: Counter-intuitively, plugging my Mac Mini directly into the Flint 2's LAN port results in the worst performance (2.9 Mbps Upload).
  3. The "Stutter": On the iPhone, the speed test gauge moves smoothly. On both Macs, the gauge stutters. This feels like a buffering, flow control, or TCP Windowing issue.

Troubleshooting Already Attempted

  • MTU: I tried lowering MTU to 1280. It didn't improve anything. I reverted to 1420 (which works perfectly for the iPhone).
  • Network Acceleration: Disabled.

My Questions

  • Why does the Flint 2 handle traffic from an iPhone perfectly, but choke on traffic from macOS devices, particularly over Ethernet?
  • Are there specific switch/interface settings (Flow Control, Offloading) on the MT6000 I should check?
  • What commands can I run to diagnose this issue?

I need to work from the MacBook/ Mac Mini via Ethernet, and currently, it is unusable.

3

Ok simply downloading Speedtest app on Mac Mini and MacBook seems to match the speed I see on iPhone.

image
image786×394 37.8 KB

Also, I disabled IPv6 on LAN while still using IPv6 Wireguard Tunnel. Is it a good idea?

  1. On LuCI, navigate to Network > Interfaces > LAN > Edit.
  2. Select DHCP Server > IPv6 Settings.
    • Set RA-Service to disabled (was server mode by default).
    • Set DHCPv6-Service to disabled (was server mode by default).
    • Save
  3. Save & Apply.
  4. Result: Clients now send standard IPv4 packets to the router. The router encapsulates them into the IPv6 WireGuard tunnel.
  5. Test it by going to https://test-ipv6.com/
    • It shows "No IPv6 address detected"