Bandwidth limited to below 10Mbps

[aabdellah]

Hello

I have managed successfully to use the extension, but my connection is now always below 10Mbps. Server running latest Debian is 100mbps and client running Arch Linux ARM is 70mbps on v0.4.2.

Below is an iperf3 log from testing:

$ iperf3 -c 10.0.0.30 -n 20M
Connecting to host 10.0.0.30, port 5201
[  5] local 10.0.0.1 port 39378 connected to 10.0.0.30 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec  2.88 MBytes  24.1 Mbits/sec  585    102 KBytes       
[  5]   1.00-2.00   sec  1.97 MBytes  16.5 Mbits/sec  303    112 KBytes       
[  5]   2.00-3.00   sec   879 KBytes  7.20 Mbits/sec   43   73.5 KBytes       
[  5]   3.00-4.00   sec   879 KBytes  7.20 Mbits/sec    0   80.2 KBytes       
[  5]   4.00-5.00   sec   879 KBytes  7.20 Mbits/sec    0   89.5 KBytes       
[  5]   5.00-6.00   sec  1.72 MBytes  14.4 Mbits/sec   24   46.8 KBytes       
[  5]   6.00-7.00   sec  0.00 Bytes  0.00 bits/sec    0   41.4 KBytes       
[  5]   7.00-8.00   sec   879 KBytes  7.20 Mbits/sec    0   50.8 KBytes       
[  5]   8.00-9.00   sec   879 KBytes  7.20 Mbits/sec    0   60.1 KBytes       
[  5]   9.00-10.00  sec   879 KBytes  7.20 Mbits/sec    0   69.5 KBytes       
[  5]  10.00-11.00  sec   879 KBytes  7.20 Mbits/sec   23   54.8 KBytes       
[  5]  11.00-12.00  sec   879 KBytes  7.20 Mbits/sec   22   48.1 KBytes       
[  5]  12.00-13.00  sec  0.00 Bytes  0.00 bits/sec    0   56.1 KBytes       
[  5]  13.00-14.00  sec   879 KBytes  7.20 Mbits/sec    0   65.5 KBytes       
[  5]  14.00-15.00  sec   879 KBytes  7.20 Mbits/sec    0   74.8 KBytes       
[  5]  15.00-16.00  sec  1.72 MBytes  14.4 Mbits/sec    0   85.5 KBytes       
[  5]  16.00-17.00  sec   879 KBytes  7.20 Mbits/sec    0   94.9 KBytes       
[  5]  17.00-18.00  sec   942 KBytes  7.71 Mbits/sec   56   52.1 KBytes       
[  5]  18.00-19.00  sec   879 KBytes  7.20 Mbits/sec    0   58.8 KBytes       
[  5]  19.00-19.85  sec   516 KBytes  4.94 Mbits/sec    0   66.8 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-19.85  sec  20.0 MBytes  8.45 Mbits/sec  1056             sender
[  5]   0.00-19.93  sec  17.9 MBytes  7.52 Mbits/sec                  receiver

iperf Done.

What would be the cause of having such performance loss? I don't think the overhead should be this much.

Thanks for the great extension that helps with Internet censorship.

[infinet]

What is the speed without extension?

[aabdellah]

I can't manage to get unobfuscated wireguard through the handshake, but when I was using a fork called notwireguard, I used to get the full speed.

[infinet]

I cannot reproduce this problem. Perhaps your ISP is throttling UDP now? Also, have you tried version 0.5?

[aabdellah]

I didn't try 0.5 because it was not available on aur, I give it a try and update. As for UDP, I don't think so as notwireguard is using UDP and provides the same speed with minimal overhead.

[aabdellah]

Same performance on v0.5.0 Does the extension encrypt all of the traffic or just the handshake?

[infinet]

It obfuscates all traffic. How about CPU usage?

[aabdellah]

CPU is under 20% while doing the speed test. Is it possible to limit the extension to only obfuscate handshake bytes?

[infinet]

It is not possible to only obfuscate the handshake unless make big changes. Besides, what if other parts of WG traffic also affected?

[aabdellah]

The DPI firewalls I deal with only detect the handshake. I will try with other server and see if it improves, thanks for your support.

[infinet]

I tested it on a ARM single board computer but still cannot reproduce the problem. If possible you can try the latest branch. Also, it might help by setting the wireguard MTU to a lower value.