So I recently installed WireGuard on my TP-Link Archer C7 with OpenWRT installed to use it as my VPN server. The connection runs fine and I am able to see the IP changing to my home one. However, the speed I’m getting is about 40% of the theoretical bandwidth I can get. I’ve tried to change the MTU value to 1420 but it didn’t do any better. I’ve read that the speed you can get is capped to the upload speed of the ISP, however, I have a 100/100 Mbps contract and I actually get the speeds, at least from what I get from doing a speed test.
I also tried to use the VPN on the local network but, as seen from the pictures, although my ping is low, I still get only 40% of the bandwidth and I don’t know why. Could it be the processing power of my router? or the speed I’m getting is fine for a VPN. I hope you can help me!
The encryption/description is going to be your bottleneck. Even with hardware encryption you’re going to see a significant drop in performance. To max out your bandwidth you’d need high end networking equipment terminating both ends of the tunnel.
Openwrt runs really well on an x86 system as well, can do most if not all the same things as opnsense and can run on a potato as well. (Also it is build from the get go to use the least possible writes to your flash memory (or ssd) which is defenitely a plus, as I destroyed an ssd before and got write errors from not correctly shutting down the system with pfsense (fork of opnsense).
It’s also easier to set up (I couldn’t get opnsense to install as btfs partition when I last tried it, so much hassle…).
All in all I would recommend running openwrt, buy a thinclient, with a few cores and a reasonably high MHZ cpu.
I use this for example 10zig 44xx, (30 Euros used off ebay), runs 100 MBit openvpn connection easily with wireguard. Get a usb3 to rj45 converter cable for a secondary ethernet port. Keep your old router for wifi and additional lan-cable-connections and and also put openwrt on it for good measure (also for continued security updates and open source software).
