adubs
By:
adubs

Awful connection speeds over VPN

January 12, 2017 737 views
VPN Ubuntu 16.04

I just got set up and going with pptpd. I can connect. I can browse, kinda. I cannot get any speed test to work except google's when connected to the VPN which reports 4Mb/s down and 4.72Mb/s up. The upload seems about right for my connection but the download is nowhere near what my home connection should be at.

Home without vpn:

http://www.speedtest.net/my-result/5959253520

Home with vpn:

cannot get speedtest.net or speedof.me to even load, google reports above.

DO vps:

Retrieving speedtest.net configuration...
Testing from DigitalOcean (138.197.223.87)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Sneaker Server (San Jose, CA) [11.20 km]: 13.141 ms
Testing download speed................................................................................
Download: 1853.16 Mbit/s
Testing upload speed....................................................................................................
Upload: 461.74 Mbit/s

Tracert reveals nothing of value to me.

1 <1 ms <1 ms <1 ms ---------------
2 * * * Request timed out.
3 9 ms 21 ms 9 ms dtr01grcyil-tge-0-7-1-3.grcy.il.charter.com [96.34.52.29]
4 12 ms 12 ms 12 ms crr01blvlil-bue-50.blvl.il.charter.com [96.34.76.205]
5 14 ms 23 ms 22 ms bbr01blvlil-bue-80.blvl.il.charter.com [96.34.2.168]
6 11 ms 11 ms 12 ms 209.117.168.233
7 46 ms 59 ms 29 ms 216.156.16.182.ptr.us.xo.net [216.156.16.182]
8 27 ms 30 ms 41 ms 207.88.12.162.ptr.us.xo.net [207.88.12.162]
9 19 ms 19 ms 31 ms 207.88.13.135.ptr.us.xo.net [207.88.13.135]
10 20 ms 30 ms 27 ms 206.111.2.82.ptr.us.xo.net [206.111.2.82]
11 39 ms 66 ms 47 ms kanc-b1-link.telia.net [62.115.120.74]
12 67 ms 70 ms 64 ms sjo-b21-link.telia.net [62.115.125.147]
13 * * * Request timed out.
14 * * * Request timed out.
15 77 ms 78 ms 65 ms 138.197.223.87

Trace complete.

By all metrics the droplet should be able to saturate my connection on the download but its not even coming close. Am I being throttled in some way? Is there something wrong with using pptpd vs openvpn?

2 Answers
adubs January 12, 2017
Accepted Answer

I'm not sure what you want to see when you say "how you setup your VPN". I literally followed the DO guide to pptpd.

https://www.digitalocean.com/community/tutorials/how-to-setup-your-own-vpn-with-pptp

I realize that I'm never going to see the ~135Mbps down I get normally. However I expected better than 4Mbps. FrootVPN for example has no problem getting me over 100Mbps over the vpn connection. I would expect roughly the same from my droplet but maybe thats wishful thinking. Maybe I should have went with linode instead since they offer servers much closer.

by Bulat Khamitov
A Point-To-Point Tunneling Protocol (PPTP) allows you to implement your own VPN very quickly, and is compatible with most mobile devices. Even though PPTP is less secure than OpenVPN, it is faster and uses less CPU resources.
  • @adubs

    That works and was just what I was looking for :-).

    When it comes to companies that provide VPN to the general public, chances are they are not using a VPS to service their customer needs and they most likely have better control over their upstream than what's possible with a VPS. When it comes to routing, you need some sort of network level control.

    When it comes to virtualized sever-level access, such as what you have with a VPS, the protocol you choose to use is going to really give or take from your connection speeds. You're more likely to get better speeds from PPTP and L2TP/IPSec as the encryption level isn't as high as other protocols, though you sacrifice the higher level of security that would come with something such as StrongSwan (which is what I use right now).

    In terms of the guide you followed, that's really geared towards a multi-server setup with more moving parts than a typical single-VPS setup.

    What I'd do is take a look at the script below. It uses StrongSwan and it's as simple as installing a build environment, then running the script. It'll run you through a few steps and then you simply connect using a username, password and shared key.

    https://github.com/philpl/setup-strong-strongswan

    To install the build environment before running the script:

    sudo apt-get install -y autoconf automake bc bison build-essential certbot cmake curl flex gcc g++ libcurl4-openssl-dev libssl-dev make software-properties-common unzip wget zip zlib1g-dev zlibc
    
    • Upon getting set up with l2tp I immediately saw ~80Mbps over the vpn. Testing with my other vpn provider I saw about the same pptp speeds I got from the droplet, which leads me to believe that my ISP must be throttling me on the pptp port only. Thank you for your help.

@adubs

When connecting to a VPN, you're not going to see the exact same speeds you do when connecting to your local network. This is due to a multitude of things, though distance and security level are two of the biggest factors. The connection between where your connection comes from (i.e on Charters' side) and the Droplet (i.e. DigotalOcean's Data Center) also play a factor (i.e. interconnection).

The farther you are from the physical location of the VPN, the bigger the drop. Likewise, higher levels of encryption will also result in slower speeds. Depending on what your local connection is capped at, you should realistically expect ~50% of that when connecting to a VPN, though this is not a definite.

For example, I'm with Charter as well here in Tennessee and I have a 60Mbps connection. I normally see about 60-68Mbps on average, when not connected to a VPN. When I am connected, I may see 20-30Mbps and I may see a little less (i.e. 15-20Mbps).

In terms of a lack of connection, that really depends on how you setup the VPN. Before we can really look in to connection issues, we'd need to know how you setup your VPN. If you can provide that info we can take a better look at what's going on.

Have another answer? Share your knowledge.