WireGuard site-to-site throughput goes to zero but sometimes works great
-
I am currently running WireGuard version 0.2.0_2. I upgraded from a previous version when I upgraded pfSense to version 2.7. In the old version I never had any performance problems.
After I upgraded WireGuard, the remote desktop and connections to source control seemed very good at first, but now it degrades to unusable for minutes or hours at a time and then recovers. When I initially set up the interfaces this time I forgot to set the MTU or MSS, for which I had used 1420 for both in the previous setup. Today I fixed that problem but it didn't help.
This is not a problem with the connection - I can hook up an SSH client to our ssh server and speeds are good and never waver over extended periods of time.
My home network and office network are both lightly loaded - very little is happening here or there.
Any thoughts on what to look for, or where?
-
I stumbled upon the answer this morning when I noticed that I could ping several other hosts at home from the office router except my workstation. One of the OK hosts was a Windows laptop, so I tried doing a remote desktop from the laptop to the office and that worked OK - as expected over a fast UDP-based VPN.
I really didn't know what to think about that, so I changed the IP address on my workstation from DHCP to static. That solved the problem. Very weird.
I recently upgraded from Windows 10 to Windows 11 and seem to remember using a DHCP-assigned IP address instead of using the static IP address I had been using.
So... problem solved with no explanation other than voodoo.
-
So - it isn't an answer, just more data. After changing the IP address on my workstation I connected a remote desktop session to the office computer and just let it stay open as I happily started reconfiguring links in my browser when the remote connection failed. It took about 30 minutes for it to fail and now I am seeing the exact same problems as described in the first post.
I just changed my IP address again and was able to connect remotely with RDP and all looks good.
I marked the time down: 6:32AM
-
@mooncaptain Is it only your machine or only RDP on your machine?
Maybe you have a problem with a switch. Un- and then re-plug it to power.
@Bob-Dig
I just re-powered my switch but that didn't help - a good idea though - thanks.
Also, the Windows laptop that I got connected on before I only tested for a few minutes - I can't use it for an extended test because it belongs to my wife.
It is possible it would lose connection after some amount of time too. I'll see if I can run a longer test with it sometime today. The laptop runs Windows 11.
This morning, after my system had been asleep all night, the connection worked for about a minute after I logged in and then quit.
The two failure symptoms are the RDP goes down and the access to the shared folder "folds".
A system reboot doesn't recover the connection even for a short time.
I was thinking that my ISP had implemented some UDP blocking scheme on my IP address, but that doesn't account for the fact that changing a LAN IP address fixes the problem for a short time.
My current conclusion is that it is not WireGuard and it's not the ISP, but I am still open to blaming either one; they are just farther down the list than some weirdness with Windows 11, which is my current focus.
I have an old Mac with a Linux operating system on it; maybe I could get an RDP client on that - my next test.
-
Executive Summary - go to Power Management tab in Network device and uncheck Allow computer to turn off device
Results: Ran an RDP session streaming YouTube videos for 2 hours and transferred about 9GiB of data and still going strong.
I zeroed in on the network card after running the same test on a Mac using a Linux OS and realized that WireGuard and my ISP weren't the problem.
I am still not completely convinced but real world use will settle that eventually.
-
The real world is hard.
As I continued to set up browser links to the various websites of servers on our office network, everything worked fine. Source control OK. VMware host OK. TeamCity build server host OK. But wait ... after about a minute from connecting to the TeamCity website all connects died. RDP. The other websites and even the file share connection.
After that I changed IP address again and removed TeamCity from the shortcuts on my home browser and then exercised all the other connections a lot and everything seems to be OK.
Waiting on the real world now.
-
SNORT!!!