My exprience is much less than that. I ran a test on my line and a vpn server using the router based vpn and B1300. (all through the B1300 router. With no vpn active 40 mbps; with VPN through a windows application 35mbps;; using the VPN only on the router (same service and server) 12mbps.
I am not sure how the research testing was getting such high scores but it seems pretty clear that these are not the default results you can expect on the present firmware.
I did some testing last night, and found that when the VPN server (using the same on both windows and the router) is a slow one (approx 6 Mbps). The results are identical in both situations.
Today I tried it again with the best case scenario (residential area during work and school hours) and the results are the same Np VPN: 45Mbps, VPN on windows: 38Mbps; VPN on router: 18Mbps.
The question is whether it is a hardware, firmware, or configuration issue.
As it is, even when I have a 35Mbps VPN server connection I cannot reliably use the router for streaming as it doesn’t use more than approximately 1/3 of the speed. This is a shame as that was my main reason for buying this router.
In B1300 we just tested ipsec with hardware acceleration enabled and it reaches 100Mbps. So we may consider using other VPN protocols.
OH. MY. GOD. WOW. I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT I WANT IT
Buy a “mini PC” with a faster CPU or cryptographic accelerator chip
OpenVPN throughput statistics are COMPLETELY USELESS if you do not specify the cipher and key size used in the test. For example, AES-256 uses 40% more CPU resources than AES-128. Would someone please test the GL-B1300 with a modern cipher suite and high security configuration typically used in business communications, such as:
ECDHE-RSA-AES256-GCM-SHA384, 2048-bit RSA
I have tested the GL-AR300M at 9 Mbps download with this configuration using speedtest.net. Meaningful OpenVPN throughput statistics using a standard benchmark like this should be posted on the specifications page of all products here.
Cryptographic experts have found serious security flaws in all major components of IPsec. This is why many commercial VPN internet browsing services do not support it. IPsec may be fine if you are just downloading copyrighted material, but please do not bark and salivate like a dog at the mention of a compromised encryption standard like this. IPsec is not recommended for important communications.
I agree the tests. I made my tests using a service that uses AES-256, (expressvpn). I think the benchmarkers should release figures using commonly available commercial services or at least specify the cipher and key size. Also, the inclusion of wireguard over openvpn would be a step forward.
An interesting thread.
It is worth considering that travel routers are designed to be used connected to public systems to give you a much higher degree of privacy, not for mission critical encrypted traffic.
Just about any public wifi system will have bandwidth throttling of some sort to prevent one or two people from taking all the bandwidth. Typically this is set to somewhere around 2000 to 8000 Mb/s per connection, often even less in rural locations, more than adequate for streaming video in your hotel room.
VPN will always have an overhead, not just in the router but also the fact you end up routing all your traffic through a remote VPN server half way round the planet.
With all this in mind, an AR300M or an AR750AC is very much more than adequate, with most people not not even noticing any performance penalties when using one when travelling.
Which AES mode? Can you post the OVPN configuration file (or link to it) so I can see what options were enabled. As shown below the difference in speed can be >100%. I really want to know how the AR300M performance compares to the B1300 using the same cipher.
Relative throughput, 8k blocks with AES-NI enabled
aes-256-cbc - 407
aes-256-gcm - 870
Also, you quoted speeds of 12 and 18 Mbps. Are both those tests using the GL-B1300 with AES-256 and the same VPN service?
That’s irrelevant, because (in many cases) the customer does not have the option to use a weaker cipher for “non-mission critical” applications. You dont get to choose which VPN service represents the best value to me. If everyone uses unbreakable encryption, it is infinitely more difficult for hostile governments to target political dissidents who are fighting corruption for your benefit. Strong encryption does not need to be justified any more than envelopes need to be justified over post cards.
But I am not subject to the limitations of your imagination. In reality, many hotels and universities have a fiber optic connection with dozens of WiFi access points. When the physical connection throughput exceeds the router’s maximum OpenVPN speed, then OpenVPN performance comparisons matter. You dont get to dictate whats “adequate” for me because I did not state an application, and never said I was streaming video. This is not a discussion about how to justify the need for a certain level of performance, it is about the lack of OpenVPN performance measurements for GL.inet products. The customer needs an accurate measure of hardware and software performance in order to decide which product represents the best value.
You really are a presumptuous fellow! But the bottom line is, you dont get to decide what level of performance is adequate for my needs.
That’s incredibly ignorant. We are not trying to compare “travelling versus not-travelling.” We are trying to measure data throughput to determine which product best meets our needs. Specifically, I am trying to decide if the performance of the B-1300 justifies the higher price, or if I should spend the money on something else. Since you wont be involved with either the use or the purchase of this product, you dont get to decide what constitutes “adequate” performance and whether we will notice the difference !
Ahh… it’s nice to see that someone is paying attention here. Indeed, I never claimed that I was using it to travel: everything Blue said was based on wrong assumptions. These “travel routers” also make ideal WiFi extenders in a building that is already wired for Ethernet. It’s much more healthy and efficient to have several WiFi access points running at very low power than one router at very high power. If your neighbors cannot even detect your WiFi signal, there is no possibility of it being exploited by hackers or “Google Streetview” surveillance cars which map your WiFi MAC address to your street address. And I will not buy a new primary gateway router with a fast CPU until they make new chips without the Spectre & Meltdown bugs. I’m also very suspicious of anyone who argues for weak encryption, considering how mass surveillance capabilities are being widely abused by criminals in government for political & financial gain.
my tests were using cbc I have added the contents oif the opvn file min us remote server details and certificate data:
remote ****(hidden from public view)
verify-x509-name Server name-prefix
Yeah, who needs to look at specifications when comparing products and making a purchase decision, that’s ridiculous. Stupid perfectionists. They want to have useful information instead of throwing money away. What’s wrong with those people who dont buy everything they see whether they need it or not?