PIA - bad speeds
-
I have an APU1D4 with the latest pfSense release.
Since today I ordered a VPN package with Private Internet Access (PIA).
I configured my pfSense box following this guide: https://www.privateinternetaccess.com/forum/discussion/21875/
Everything is working and I'm connected through PIA but my speeds are terrible.
I have a 150/15 connection and when I'm connected to PIA through my Mac (Tunnelblick client connected with OpenVPN PIA) I'm hitting 140/14 which is good imo. I little less connection speed is understandable.But when I connect my pfSense box to PIA and I'm not getting over the 20/14 on that same Mac.
I checked the CPU and it not running at max (70% when doing a speedtest). Memory is low.
Is there something I'm doing wrong? A little less speed is ok. But 20 instead of 150 mbit is not what I was expecting…I have tried these advanced option as stated here:
https://forum.pfsense.org/index.php?topic=112877.msg633588#msg633588Getting 55 mbit with these settings.
A little progres but still sh*t... -
Think this 1 Ghz. CPU does not support AES-NI.
What gives
openvpn --show-engineson command line?
-
You'll want to try AES-128 as that is faster than BlowFish.
I'm afraid that it's down to the hardware used. oVPN isn't multi-threaded. More often than not it boils down to a single core clock speed. Crypto support in the CPU does help, but right now we only see substantial gains with IPSec.
-
That's correct.
This cpu does not support AES-NI.
At the moment I'm not able to access my pfSense box but I can confirm its not supported.But is AES-NI really needed to get around the 150 mbit?
-
Unless oVPN becomes multi-threaded, there's not a whole lot one can do. My APU2C4 can push roughly 80 to 100Mbps.
-
Seriously?! :o
I did not know it was a drop in speed like that.
That's a real pity for sure! -
Yeah, that's encryption for you :)
I've had my APU2C4 for the past week - It's a great little thing for sure. I had known that this wouldn't push more than 100Mbit via oVPN. Unfortunately, I now have the itch to repurpose my unRAID server (A HP MicroServer G8 with Xeon 1240v2)
-
I have tried aes128 and was pushing 70 mbit at max.
That's more than half my speed. Pity!Thanks for your help though.
