What is the best performance you can get?

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
sarun
Posts: 2
Joined: Sun Mar 17, 2013 6:29 am

What is the best performance you can get?

Post by sarun » Tue Mar 19, 2013 1:59 am

Hi all,

I would like to ask, SoftEther Team, what is the best performance/through put you can get?
I'm living in Japan. And my internet connection is 200 Mbps.
I know they say it's the best effort. But I actually tested it by checking with speedtest.net, I got around 200 Mbps as well. And I checked by downloading an actual file, which I can get a speed of around 22-24 MB/s (Megabytes) which is very good.

Then I set up a VPN server, where the backbone speed is also 200 Mbps. I also checked the speed of this server as well, by simply doing wget to /dev/null, and I found the speed is around 22 MB/s up as well.

So, on the VPN server, I tried 2 things.
(1) Using the SecureNAT (NATing and Virtual DHCP)
(2) Using the SecureNAT without NATing, but instead, creating a local bridge to a TAP interface, and then create a POSTROUTING to simply route traffic between the actual ethernet and the tap, and enable Virtual DHCP to assign clients IP addresses.

On the client side, I use 8 TCP connections, I didn't find any better beyond this number, some may be worse. Maybe I need to change the establishing interval as well. But anyway, I use 8 TCP connections to test this. And my computer is not behind any firewalls or NAT. It's directly connected to the Internet (having global IP assigned from the ISP)

I've just checked the speed with the speedtest.net and also by downloading a file
(1) For this method, I got around 50-70 Mbps (on average)
(2) For this method, I got around 100-120 Mbps (on average)

I used to use OpenVPN before, and SoftEther is actualy better. Thanks to you guys. But I would like to know that dropping from around 200 Mbps to these numbers (around 50%), is this already considered good or not? or is it already the best it can achieve or not?

* By the way, I cannot directly bridge to the ethernet, that's why I'm using the tap.

If anyone can get better, please feel free to comment or suggest. I would love to know.

Thank you

cedar
Site Admin
Posts: 1834
Joined: Sat Mar 09, 2013 5:37 am

Re: What is the best performance you can get?

Post by cedar » Tue Mar 19, 2013 4:34 am

The best way to reach good performance is using Windows OS.
The universal tap device on Linux have lower performance because it can't handle multiple packet at once.

Another way is use local-bridge to real network device.
This may work better than a tap device.
But, in this mode, the virtual hub can't communicate to the server's host itself.
This limitation is avoidable if another NIC is connected to the segment.

If you want to use NAT function, you can use the kernel mode NAT which is a mode of SecureNAT.
This mode will be enabled when your host have a network interface which can receive IP address and default gateway to the Internet from DHCP service.
In this mode, the VPN server gets an IP address for NAT by DHCP, and communicate by an implicit local-bridge instead of IP stack of the host OS.

Post Reply