Hello, I hope one of you can help point me in the right direction.
I have a VPS with a static IP and a WireGuard tunnel from VPS to home network (no bridging in the router, just point-to-point with specific devices).
I found an abysmal connection speed with bandwidth on the order of 50-100 kbps tested via iperf. Connection between the same devices outside the WireGuard tunnel is 10-20 mbps, which is 100-400 times slower, which I don’t understand since WireGuard usually has very little overhead.
I have tried different MTU settings on both VPS and devices on my home network (both cabled and via Wi-Fi) in the range from 1360 to 1460, and above speeds are the best I have reached with MTU 1420 and 1440. I have tried both with and without iptables rules setting the MSS correspondingly.
The above speeds are acceptable for incremental backups and document synchronization, but completely unsuitable for media streaming.
Where would I start diagnosing the bottleneck?
Thanks in advance.


What iperf speeds are you getting with UDP?
On Windows you can use the test-connection -MTUSize PowerShell command to figure out the correct MTU.
If your UDP speeds are normal but your TCP speeds are not, it could be fragmentation, or out-of-order packets, or high latency.
I’m on Linux on all devices. I tested packet fragmentation using:
ping -M do -s [packet size] [ip]
No fragmentation using packet size 1472 and below (before WireGuard overhead).
I just tested again:
So, I get the “full” UDP speed, but I get some errors / warnings about ‘connection refused’ and ‘did not receive ack’. Obviously not correctly configured, when it is 10 times slower than TCP.
What’s your MTU inside the VPN?
MTU is 1440.
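
Added example (not part of the thread and not any poster's code): the `ping -M do` probing mentioned above, turned into a binary search for the largest unfragmented payload, with the WireGuard MTU and inner TCP MSS derived from it. The function names, the 1472-byte search ceiling (a 1500-byte local link), probing over IPv4 and the placeholder address 203.0.113.10 are assumptions of this example.

```shell
#!/bin/sh
# Added example; function names are this example's own, not from the thread.

# probe_ping SIZE HOST: true if one ICMP echo with SIZE payload bytes and the
# DF bit set (-M do, Linux iputils ping) is answered within 2 seconds.
probe_ping() {
    ping -M do -c 1 -W 2 -s "$1" "$2" >/dev/null 2>&1
}

# max_payload HOST [PROBE]: binary search for the largest payload PROBE accepts.
# Assumption: the local link MTU is 1500, so 1472 (1500 - 20 IPv4 - 8 ICMP)
# is the ceiling. PROBE can be swapped for a stub when testing offline.
max_payload() {
    host=$1; probe=${2:-probe_ping}
    lo=0; hi=1472
    "$probe" "$lo" "$host" || { echo "no reply from $host" >&2; return 1; }
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if "$probe" "$mid" "$host"; then lo=$mid; else hi=$(( mid - 1 )); fi
    done
    echo "$lo"
}

# wg_mtu PAYLOAD [4|6]: WireGuard interface MTU when the tunnel's outer
# packets travel over IPv4 (default) or IPv6. PAYLOAD was probed over IPv4.
wg_mtu() {
    path_mtu=$(( $1 + 28 ))      # payload + 20 IPv4 header + 8 ICMP header
    case ${2:-4} in
        4) overhead=60 ;;        # 20 IPv4 + 8 UDP + 32 WireGuard
        6) overhead=80 ;;        # 40 IPv6 + 8 UDP + 32 WireGuard
        *) echo "outer family must be 4 or 6" >&2; return 1 ;;
    esac
    echo $(( path_mtu - overhead ))
}

# wg_mss MTU: TCP MSS for IPv4 traffic inside the tunnel (20 IPv4 + 20 TCP).
wg_mss() {
    echo $(( $1 - 40 ))
}

# Usage on a live path (probe the VPS's public address, outside the tunnel;
# 203.0.113.10 is a placeholder):
#   p=$(max_payload 203.0.113.10) && m=$(wg_mtu "$p" 4) && echo "MTU $m MSS $(wg_mss "$m")"
```

With a 1472-byte maximum payload, this gives a tunnel MTU of 1440 when the outer packets are IPv4 and 1420 when they are IPv6.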