Latency/speed tax for whole-house VPN?

Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
6 posts Page 1 of 1
by bg1811 » Mon Feb 22, 2021 10:52 pm
I may be moving soon and a lot of the properties in the area offer only FTTN. I'm currently using classic Fusion X2 and read about some of the drawbacks with the resold AT&T service that other customers have mentioned.

I'd like to stick with Sonic if I can, though the loss of true Sonic support and privacy protections concern me. So I want to know what to expect if I end up at a place that only has FTTN service:
  1. For many addresses I'm checking, I see only the 50mbps / $49.99 option ("Internet delivered over AT&T’s network using one Fiber-to-the-Node data line, plus one home phone line.") - does FTTN X2 not exist?
  2. If 50mbps is all I can get, how much speed will I lose if I connect to Sonic's VPN with a consumer router ("whole house" VPN)? I'm willing to spend some money to get as close to the 50mbps as possible, if needed. I currently use OpenWRT on a low-end router.
  3. How much will my latency increase if I run VPN at the router level? I'm assuming this will be noticeable for gaming, but what about typical web/streaming usage?
  4. I also currently run WireGuard on my router so I can access my home network when I'm away. Will leaving Sonic's VPN running on my router interfere with this and/or introduce additional latency?
I suppose I could just run a software VPN client on a machine when I need extra protections, but I also saw some older threads where AT&T was having problems with YouTube and Sonic's VPN fixed it. So it would be convenient if I could just leave it running on the router and forget about it, without major impact to speed/latency. I'd also feel more exposed in general if I stayed on AT&T's network all the time.
by js9erfan » Tue Feb 23, 2021 7:06 am
Former ATT FTTNx2 customer here and while my location was only capable of ~35 Mbps the service was pretty stable for years until it wasn’t. It was at that point I realized the downside to the service – Sonic is really limited in their ability to support their ATT FTTN customers and they were ultimately not able to resolve my issue. As much as I hated to do it, switching to Comcast cut my bill in half and took care of my bandwidth limitations.

In regards to Sonic’s VPN and your speed/latency question, it really depends on your hardware and line. With OpenVPN using AES-NI capable hardware is highly recommended. But as a reference my old SuperMicro A1SRi-2558F board running pfSense was able to max out my 35 Mbps line with ease using AES-256-GCM. I don't put a lot of weight into these speed tests (using iperf is the way to go) but with Comcast’s 150 Mbps package I’m hitting around 110 Mbps using PIA (AES-256-GCM) and my router still doesn't blink. And no, using WireGuard as a server will not interfere with using OpenVPN as a client service.

Capture.PNG (45.59 KiB) Viewed 1439 times

Good luck!
by bg1811 » Tue Feb 23, 2021 8:00 am
Thank you for sharing that. So to clarify, with that hardware you're getting 110mbps whether VPN is active or not?
by ngufra » Tue Feb 23, 2021 9:29 am
Running vpn client on router will ensure AT&T only sees encrypted traffic from you to sonic.
It also means that your youtube/netflix traffic will have to go to sonic instead of a cdn at AT&T which could slow you down.
If your router is beefy enough and not doing much else, you may not see any speed degradation.
I suspect the latency will not be affected much either.

Doing tests here on a laptop. sonic service is fiber.

With vpn to sonic, latency is 4ms. With vpn off latency was 3 or 5. I would say the difference is not significant, but the reading may not be relevant as with vpn, it's already on sonic network so yeah, the route to sonic is short.

With vpn on, on i7 laptop, reads 72 to 81 Mbps down 65 to 108 Mbps up.
Without vpn I get 185-285 Mbps down and 256 to 489 Mbps up (depending on load of computer before running the test)

If your line speed is much less, I believe you won't see much difference if any.
by bg1811 » Tue Feb 23, 2021 11:44 am
Thank you for that. It sounds like I should be OK at 50mbps if I invest in some decent hardware.

Having to compromise with AT&T's network still leaves a bad taste in my mouth but I want to continue supporting Sonic. So I appreciate the information, in the event that I end up with AT&T FTTN.
by js9erfan » Tue Feb 23, 2021 3:31 pm
bg1811 wrote:
Thank you for sharing that. So to clarify, with that hardware you're getting 110mbps whether VPN is active or not?

The speed test above was via a laptop routed over PIA's VPN service. The same laptop routed over Comcast hit 160 Mbps (see below) but I think it's more a PIA limitation than hardware since this router's CPU rarely goes above 20% during heavy usage. I have ~40 network devices at this location and about 90% are routed over PIA.

Shouldn't take a big investment to achieve ~50 Mbps over Sonic's VPN 8-)

Comcast.PNG (48.41 KiB) Viewed 1367 times
6 posts Page 1 of 1

Who is online

In total there are 10 users online :: 1 registered, 0 hidden and 9 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: Bing [Bot] and 9 guests