I recently signed up for Ignite100 package, and now I am seeing huge degradation in VPN speeds comparing to previous much slower ISP.
- CGN3 modem in a brige mode
- Router: Netgear R7000 running XWrt Merlin firware port, at 1.2Ghz
- all testing done on gigabit wired network - all the discussion below is exlusively related to wired internet connection
without VPN: ~130 down, ~10up
with VPN: 28-35 down if the VPN client is running on router; if VPN running on Win7, single digits download, ~10 up (same PC without VPN clocks ~130)
Same local setup with previous (cable) ISP:
without VPN: ~32-34 down, ~3up
with VPN: 20-25 down if the VPN client is running on router; if VPN running on Win7, ~28 down
Real world download tests (HTTP download of Ubuntu ISO)
- thru router, no VPN: ~11.2MB/s (downloaded 1GB ISO is slightly more than one 1 minute)
- the router running VPN client : ~1.2MB/s
Download speed with VPN with previous provider (remember - it was only 30MB profile!) - max 3.5MB/s(!!!!!)
in all cases I am using the same VPN provider with connection to the same US East Coast server.
I fully understand that I cannot get the same speed with VPN as without it; however, it is completely unreasonable to triple internet speed to get much slower downloads.
I tried to remove the router and connect the PC directly to modem - same horrible single digit results with VPN!
Spent a week with PIA (VPN) tech support - no real improvement.
Tried to chat with Rogers tech support (first level) - literally no help.
Guys, what should I do?
Thats with the R7000 running the VPN?
Just to play devil's advocate here, if you were running a 500 Mb/s or 1 Gb/s service, modem bridged with the R7000 running the VPN, whats the best that the R7000 could do in terms of the VPN data rate? I'm just wondering what it will support running flat out. Ever seen any numbers with back to back routers running VPNs, just to take any ISP issues out of the way?
According to this source: https://www.privateinternetaccess.com/forum/discussion/21185/configuration-for-50-mb-throughput-on-p... , my router should be able to push 50MB/s
What I find very inveresting - Windows VPN client is much slower than the router - defies any logic.
Proof that Rogers throttles VPN traffic: once I switched default VPN UDP port to TCP 443, my VPN speed jumped to close 40(!), and Ubuntu download speed has improved - from 1.2MB/s to 2(!)
Well this is not a solution, but an improvement.
Really Rogers? So much for not trottling...
That's a pretty interesting thread. But, as it indicates, its all theoretical. Have you seen any posts anywhere that really stand out as having a large increase compared to what your results are. Seems to me that what you are getting is pretty normal for the R7000. Since you are essentially running Merlins Asus-WRT, is the Nat Acceleration enabled, which is located in Lan.... Switch Control? I'm assuming that the interface looks the same as my Asus RT-AC68U. I've always advised anyone with an Asus product to go thru each menu and sub-menu item and disable anything that was not being used or required, such as Samba protocol, and others. I've left the Trend Micro security up and running and firewall. Everything else is basically disabled.
Edit: ok, scratch the NAT acceleration, according to that thread. In know in my case, running the 250/20 service, disabling the NAT Acceleration drops my download max speed from 328 down to somewhere around 240 Mb/s. I don't think that I saw any drop in the upload rate.... its been a while since I did that. So, with a VPN running, you're relying on the horsepower of the router to push the data rate up as high as you can get it. Makes me wonder about something like a pfSense router? Beyond that are something like the Cisco routers, which start to get expensive.
I have been having the same issues recently.
Last week I started having issues with your service and they are continuing. I have discarded my VPN as the techs have checked the VPN server in Toronto and identified no issues with bandwith or congestion. The speed I get with no VPN are 320/21. The signal to my house is very strong. As soon as I connect to my VPN, the speeds start high at 290/20 (normal small overhead) and then over the period of 30 minutes or so, the speeds start to degrade and I end up with 50/15 which is unacceptable when working from home. Nothing has changed from my original configuration that has been working great since last year.
The only way for me to regain the high speeds with VPN on is to unplug the NIC in the modem and make a direct ISP connection to my computer, run a speed test, I get full speeds (no vpn), I then unplug the direct connection and go through the router and connect to the VPN, my speeds with VPN go high again and then over time slow down....
My IT guys for the VPN have no ongoing issues in their infrastructure so they can't rule out some new traffic shaping policy from Rogers (for example shaping after 30 minutes of high throughput with the same IP address).
THIS IS A MESSAGE TO ROGERS.. AS PER CRTC: ROGERS IS NOT TO ENGAGE IN TRAFFIC SHAPING OF ANY KIND!
If you are doing now, STOP IT now! You are affecting legitimate use of a VPN that I MUST use to get my stuff done.
I do not want to engage a bunch of experts to start providing evidence of throttling of Open VPN connections.... Using double encryption techniques to verify speeds before and after and do tests along with logs, etc...
Remeber what happened when you ticked off The Canadian Gamers Organization (CGO) and the in turn they accused Rogers of failing to provide accurate transparency with its Internet Traffic Management Programs (ITMP), otherwise known as Internet throttling.... that did not end well...
If you are STOP IT and if you are not... check your configurations beacsue something is definetely up with your service as it relates to customers using VPN connections...
@EDSNOW personal opinion, you're complaining to the wrong audience. Your comments are probably better off directed to the Office of the President and to the CRTC.
Just to point out, there has been a recent post regarding high upload rates causing the Hitron modem to crash. That's pretty new and I'm just wondering what your normal upload rate might be with the VPN running? Maybe your IT gurus can give you some idea. I wonder if the VPN keeps the upload channel fairly busy when the VPN is actually in an idle state, beyond what would be normal for gaming, FTP uploads etc.
On the other hand, you might be exactly correct. Despite CRTC guidance, maybe there is some traffic shaping afoot.
Do you have the VPN passthrough set in the modem?
What router are you running that gives you that perfomance thru a VPN? Just curious at this point.
Datalink - are you asking me? if yes, then my modem is set to bridge mode (and I reset and re-did it myself again just to be sure).
My router is Netgear R7000, running a XWRT-Vortex 375.55 Hotfix1 (which is based on ASUS-Merlin FW) - that's the last FW which still alows overclocking CPU - my router's dual core CPU is running at 1.2GHz and CPU, and I do not the router CPU load to become high on either core - which clearly indicates the bottleneck is on Rogers side, not the router's horsepower.
Really disappointed in Rogers. (well - should have known better - there is a reason why I was staying away from Rogers/Bell for last 5+ years)
More data point:
I also have a special virtual PC which I use for work, and I use work VPN there
No VPN: ping 25, DL: 95, UL: 9.7
Markham server: ping 25: DL:29.4 , UL: 11.2 - and this is today, not that many people login from home so I don't expect our work server (and our company is not exactly a small one) to be slow
Seesm like Rogers network is not heavily loaded right now, so I retested my other (phycal) PC which is on my private VPN:
(US East Server) Ping 27ms, DL 42.5 (best ever I seen so far), UL: 10.1 (during the speed test , the router CPU load did not exceed 65% - so if Rogers does not throttle VPN, I could have easily hit 50+ (and stop compalining :))
And to think I was about to pull the trigger and sign up for 1 Gbps service..... THANK GOD I did not.... They showed their true colors with their anti privacy policies just in time for me to revert that decision... Phew!
My guys are working for alternatives right now....
A year ago Rogers president called to the gov to ban vpns... Are we at it again boys...?! IS this goign to be a yearly occurence..?!
I am experiencing the exact same issue on a brand new Rogers Gigabit capable Hitron modem.
I also experienced it on the CGN3 and CGN4
apparently this is a known issue - the HITRON Modem in BRIDGE MODE performs really poorly with IPSEC / ESP based VPN connections.
Very upsetting. Rogers can you please fix this? It has been like this for years.
VPN on Linksys Wrt3200acm-ca router
I have a wrt3200acm-ca connected(LAN)to a Hitron cgn3 modem/router (not bridged). I have installed the latest firmware from expressvpn on the wrt3200acm router. My download speed seems slow with vpn on (20-30mbps). My Rogers internet is 250 and I normally get 200 Mbps. I have tried every expressvpn USA server. I want a vpn router setup so the whole house is protected and use it for all internet on many devices. Any ideas how to increase vpn router speed? Should the hitron be bridged? Also, if I access expressvpn on my iPhone with the app, not using vpn router, I get 80-90mbps. Should I give up on the vpn router option because it's too slow and use vpn app on mobile devices and DNS on Apple TV and Xbox?
Thank you for joining and posting your query in the Rogers Community Forums. It may not be possible to achieve your Internet package speeds through VPN due to many factors as discussed in this thread. If your main concern is to have secured Internet access with good speeds to your household then surely there are other options.
@Community - please share your expertise to help out @Pilot172
@Pilot172 your post reminds me of a similar issue with IPV6 ESP/IPSEC.
Listed in the known issues here:
comes the following:
Non TCP/UDP/ICMP traffic (such as ESP/IPSec without NAT-T) is slowed down below 25 Mbps
Looking at the PfSense instructions for the VPN service, the following is seen;
So, the VPN uses UDP which in itself might be probematic on any of the CNG3xxx series modems.
Now the question is, are you using IPV6 and does the VPN tunnel receive the same response from the modem as does IPV6 ESP/IPSec? The reason that IPV6 ESP/IPSec runs slowly is due to the fact that its run in software on the modem CPU versus thru the hardware processor/accelerator. So, that does require a change. The only person who could really answer this one is @RogersDave.
In terms of the Bridging aspect, I would recommend bridging the modem given the router that you have, but, that won't change the VPN results. That is due to the processing within the modem. Of couse, as long as you have the router in Access Point mode, then you shouldn't have huge issues using the modem as the main router, unless you happen to be gaming. In that case, you would be better off using the router as it will give you more control over port forwarding and probably better, predicatable results.
One thing you cold consider if you are running an unlimited account is to switch to the CODA-4582 which is the newest modem. With the latest firmware version loaded, V22.214.171.124 the pure UDP performance is greatly improved. I'm able to hit 50 Mb/s down 500 Mb/s up without any UDP datagram losses. The only question is the VPN protocol and what the modem will do with it. Possibly @RogersDave might be able to answer that, or, that is something you would find out when everything is connected and running.