From: Houman <houmie@gmail.com>
To: Janne Johansson <icepic.dz@gmail.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: How to improve Wireguard speed?
Date: Wed, 1 Jun 2022 10:07:31 +0100 [thread overview]
Message-ID: <CABBZOs=kxe4DwHN=utdb8FzDTt3=TcSo05JVAo=-JCUjC_eEug@mail.gmail.com> (raw)
In-Reply-To: <CAA6-MF84eCwegH3UcQuqrL7YaCQULf5=KafQYZPVJWATEtfL0Q@mail.gmail.com>
Thanks for your reply.
I have run htop to observe the CPU consumption during this test, and
the CPU(s) go up only to 10-20%. So the CPU doesn't seem to be the
bottleneck.
I didn't change the MTU settings, but I have a suspicion about MTU. I
found this article here that makes some interesting suggestions to set
MTU to 1280: https://keremerkan.net/posts/wireguard-mtu-fixes/
And beyond that iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j
TCPMSS --clamp-mss-to-pmtu
On Wed, 1 Jun 2022 at 09:51, Janne Johansson <icepic.dz@gmail.com> wrote:
>
> Den ons 1 juni 2022 kl 09:49 skrev Houman <houmie@gmail.com>:
> > Hello,
> > I'm compiling the latest stable Wireguard on Debian 11.
> > git clone https://git.zx2c4.com/wireguard-tools
> > make -C wireguard-tools/src -j$(nproc)
> > sudo make -C wireguard-tools/src install
> >
> > However the speed is not that impressive. I have a VPS with 4 vCores
> > and 8 GB RAM on 1 Gbps network. The VPS is located in London and so
> > am I.
> >
> > With wireguard enabled I get 117 Mbps
> > Without wireguard I get 506 Mbps
> >
> > That's a drop of 75%. What are the factors to improve the download rate?
>
> That seems like very poor values, I would make two tests, one local to
> the VPS and one test local to the other end (which you left out of the
> description) and see which one is the limiting box. People (including
> me) have easily gotten speeds at 1-2 gigabit on 10GE networked
> computers and VPSes and several gigabits on loopbacks, so the fault is
> not simply using wireguard.
>
> If you check the results of the nightly builds for x86_64 at
> https://www.wireguard.com/build-status/ you find several iperf3 runs
> that end up over 2-3 Gbit/s when a box is talking "to itself" so it's
> not the crypto or the tunnel that prevents you from filling up the
> gigabit link. Perhaps the VPS isn't giving you a lot of cpu? Perhaps
> the test reacts poorly to the lowered MTU for using (any) tunnel in
> between?
>
> --
> May the most significant bit of your life be positive.
next prev parent reply other threads:[~2022-06-01 9:08 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-01 7:42 Houman
2022-06-01 8:50 ` Janne Johansson
2022-06-01 9:07 ` Houman [this message]
2022-06-01 9:51 ` Roman Mamedov
2022-06-01 11:40 ` Houman
2022-06-01 12:41 ` Frank Carmickle
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CABBZOs=kxe4DwHN=utdb8FzDTt3=TcSo05JVAo=-JCUjC_eEug@mail.gmail.com' \
--to=houmie@gmail.com \
--cc=icepic.dz@gmail.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).