Skip to content

Sonic OpenVPN Connect halves my internet speed

Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
11 posts Page 1 of 2
Post a reply

Sonic OpenVPN Connect halves my internet speed

by rchrdfrdmn » Wed Mar 16, 2022 10:43 am
Using the Ookla speedtest app on my MacBook Pro while connected to the internet over Sonic fiber and an Eero wifi mesh, my measured transfer speeds, both up and down loads, is halved when I have Sonic OpenVPN turned on.

Is there any way to optimize the VPN settings to improve this performance? I'm using the default settings on OpenVPN.

Or is there a better choice for VPN?
by virtualmike » Wed Mar 16, 2022 9:37 pm
If you're on Sonic Fiber, why are you using the VPN?

The intent for VPN is when you are connetcted to a different network, particularly one you aren't certain you can trust, like public Wi-Fi, hotel Wi-Fi, etc.
by rchrdfrdmn » Thu Mar 17, 2022 9:05 am
Good point.
Still, my observation holds... It's surprising why vpn degrades the speed by half.
by kgc » Thu Mar 17, 2022 12:12 pm
OpenVPN is typically CPU limited both in the server and client. You'll most likely see that the OpenVPN client process is using 100% of one your laptop's CPU cores.
Kelsey Cummings
System Architect, Sonic.net, Inc.
by graeme_stewart » Fri Mar 18, 2022 4:35 pm
Isn't this also compelling justification to support Wireguard as a customer VPN option?
by kgc » Fri Mar 18, 2022 5:16 pm
It's unfortunate that the authors of Wireguard didn't build any thing as obvious as an extensible authentication system into the protocol. I've viewed it as more of a replacement for manually configured ipsec tunnels and other permanent site to site vpns than anything else because of this. Being key based is great but requires a lot of extra work at the provider level and, so far as I know, nobody is selling a Wireguard backed VPN service access product like OpenVPN AS.
Kelsey Cummings
System Architect, Sonic.net, Inc.
by graeme_stewart » Sun Mar 20, 2022 1:14 pm
Good point, my understanding is the developer of Wireguard was focused on making the protocol (and associated code) as efficient as possible.

Would it really be that difficult to dynamically generate and manage per-user keys on the Sonic end? I'm not a product manager, but this would seem like a nice opportunity for Sonic to develop a feature that many would benefit from ;)

https://medium.com/swlh/web-uis-for-wir ... 04710fa7bd
by kgc » Mon Mar 21, 2022 2:29 pm
graeme_stewart wrote: Would it really be that difficult to dynamically generate and manage per-user keys on the Sonic end? I'm not a product manager, but this would seem like a nice opportunity for Sonic to develop a feature that many would benefit from ;)
It's more than just key management and authentication. There's no dynamic IP pool management, doesn't support clients coming from dynamic IPs out of the box, etc.. I think there is a commercial provider that has done all of the work using standalone applications to manage the connection (configuration) on the clients so it's all possible but isn't exactly simple.

Please keep in mind that this is a free service too. ;)
Kelsey Cummings
System Architect, Sonic.net, Inc.
by cmeisel » Mon Mar 21, 2022 2:41 pm
Sonic should not waste any resources on this. OpenVPN is a fine VPN and is used all over the world. This is a free offering and even if speed is half (not bad for a VPN in general) so be it. Sonic should invest all resources in being an ISP and expanding its Internet service. If there is extra time, invest it in offering a user-controllable block list for the phones ;)
by atrasatti » Tue Apr 12, 2022 7:45 pm
How are VPN providers who manage tens or hundreds of servers and thousands of customers run Wireguard effectively?
11 posts Page 1 of 2

Return to “Access”

Who is online

In total there are 15 users online :: 0 registered, 0 hidden and 15 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am
Users browsing this forum: No registered users and 15 guests