qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License

Help: Very slow download speeds compared to other containers #802

Closed ispiropoulos closed 2 years ago

ispiropoulos commented 2 years ago

Is this urgent?

Yes

Host OS

Ubuntu 20.04

CPU arch

x86_64

VPN service provider

Private Internet Access

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2021-12-14T18:21:24.225Z (commit ca82fcb)

What's the problem 🤔

The download speeds are very slow via gluetun. I have made a comparison with ghcr.io/wfg/openvpn-client and the results are night and day.

Testing with PIA on gluetun:

Screenshot 2022-01-19 at 11 25 28 AM

Testing with PIA on openvpn-client:

Screenshot 2022-01-19 at 11 27 50 AM

The performed tests are with PIA_ENCRYPTION=normal on gluetun and the open vpn configuration for normal mode on openvpn-client.

I have also tested with port forwarding disabled. No change.

Share your logs

john@ubuntu-server:~/docker-containers/vpn-stack$ docker logs gluetun
========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2021-12-14T18:21:24.225Z (commit ca82fcb)

🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2022/01/19 11:43:31 INFO storage: merging by most recent 11120 hardcoded servers and 11120 servers read from /gluetun/servers.json
2022/01/19 11:43:31 INFO Alpine version: 3.15.0
2022/01/19 11:43:31 INFO OpenVPN 2.4 version: 2.4.11
2022/01/19 11:43:31 INFO OpenVPN 2.5 version: 2.5.4
2022/01/19 11:43:31 INFO Unbound version: 1.13.2
2022/01/19 11:43:31 INFO IPtables version: v1.8.7
2022/01/19 11:43:31 INFO Settings summary below:
|--VPN:
   |--Type: openvpn
   |--OpenVPN:
      |--Version: 2.5
      |--Verbosity level: 1
      |--Network interface: tun0
      |--Run as root: enabled
      |--Encryption preset: normal
   |--Private Internet Access settings:
      |--Regions: greece
      |--OpenVPN selection:
         |--Protocol: udp
         |--PIA encryption preset: normal
      |--Port forwarding:
         |--File path: /gluetun/forwarded_port
|--DNS:
   |--Plaintext address: 1.1.1.1
   |--DNS over TLS:
      |--Unbound:
          |--DNS over TLS providers:
              |--Cloudflare
          |--Listening port: 53
          |--Access control:
              |--Allowed:
                  |--0.0.0.0/0
                  |--::/0
          |--Caching: enabled
          |--IPv4 resolution: enabled
          |--IPv6 resolution: disabled
          |--Verbosity level: 1/5
          |--Verbosity details level: 0/4
          |--Validation log level: 0/2
          |--Username: 
      |--Blacklist:
         |--Blocked categories: malicious
         |--Additional IP networks blocked: 13
      |--Update: every 24h0m0s
|--Firewall:
   |--Outbound subnets: 192.168.1.0/24
|--Log:
   |--Level: INFO
|--System:
   |--Process user ID: 1000
   |--Process group ID: 1000
   |--Timezone: europe/athens
|--HTTP proxy:
   |--Port: 8888
|--Health:
   |--Server address: 127.0.0.1:9999
   |--Address to ping: github.com
   |--VPN:
      |--Initial duration: 6s
      |--Addition duration: 5s
|--HTTP control server:
   |--Listening port: 8000
   |--Logging: enabled
|--Public IP getter:
   |--Fetch period: 12h0m0s
   |--IP file: /tmp/gluetun/ip
|--Github version information: enabled
2022/01/19 11:43:31 INFO routing: default route found: interface eth0, gateway 172.29.0.1
2022/01/19 11:43:31 INFO routing: local ethernet link found: eth0
2022/01/19 11:43:31 INFO routing: local ipnet found: 172.29.0.0/16
2022/01/19 11:43:31 INFO routing: default route found: interface eth0, gateway 172.29.0.1
2022/01/19 11:43:31 INFO routing: adding route for 0.0.0.0/0
2022/01/19 11:43:31 INFO firewall: firewall disabled, only updating allowed subnets internal list
2022/01/19 11:43:31 INFO routing: default route found: interface eth0, gateway 172.29.0.1
2022/01/19 11:43:31 INFO routing: adding route for 192.168.1.0/24
2022/01/19 11:43:31 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2022/01/19 11:43:31 INFO firewall: enabling...
2022/01/19 11:43:31 INFO firewall: enabled successfully
2022/01/19 11:43:31 INFO healthcheck: listening on 127.0.0.1:9999
2022/01/19 11:43:31 INFO firewall: setting VPN connection through firewall...
2022/01/19 11:43:31 INFO dns over tls: using plaintext DNS at address 1.1.1.1
2022/01/19 11:43:31 INFO http proxy: listening on :8888
2022/01/19 11:43:31 INFO http server: listening on :8000
2022/01/19 11:43:31 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
2022/01/19 11:43:31 INFO openvpn: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
2022/01/19 11:43:31 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2022/01/19 11:43:31 INFO openvpn: -----END X509 CRL-----
2022/01/19 11:43:31 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]154.57.3.97:1198
2022/01/19 11:43:31 INFO openvpn: UDP link local: (not bound)
2022/01/19 11:43:31 INFO openvpn: UDP link remote: [AF_INET]154.57.3.97:1198
2022/01/19 11:43:32 WARN openvpn: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1542'
2022/01/19 11:43:32 WARN openvpn: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022/01/19 11:43:32 INFO openvpn: [athens402] Peer Connection Initiated with [AF_INET]154.57.3.97:1198
2022/01/19 11:43:32 INFO openvpn: TUN/TAP device tun0 opened
2022/01/19 11:43:32 INFO openvpn: /sbin/ip link set dev tun0 up mtu 1500
2022/01/19 11:43:32 INFO openvpn: /sbin/ip link set dev tun0 up
2022/01/19 11:43:32 INFO openvpn: /sbin/ip addr add dev tun0 10.6.112.5/24
2022/01/19 11:43:32 INFO openvpn: Initialization Sequence Completed
2022/01/19 11:43:32 INFO dns over tls: downloading DNS over TLS cryptographic files
2022/01/19 11:43:32 INFO healthcheck: healthy!
2022/01/19 11:43:34 INFO dns over tls: downloading hostnames and IP block lists
2022/01/19 11:43:49 WARN dns over tls: context deadline exceeded (Client.Timeout or context cancellation while reading body)
2022/01/19 11:43:49 INFO dns over tls: init module 0: validator
2022/01/19 11:43:49 INFO dns over tls: init module 1: iterator
2022/01/19 11:43:49 INFO dns over tls: start of service (unbound 1.13.2).
2022/01/19 11:43:49 INFO dns over tls: generate keytag query _ta-4a5c-4f66. NULL IN
2022/01/19 11:43:49 INFO dns over tls: generate keytag query _ta-4a5c-4f66. NULL IN
2022/01/19 11:43:50 INFO dns over tls: ready
2022/01/19 11:43:51 INFO vpn: You are running 22 commits behind the most recent latest
2022/01/19 11:43:51 INFO vpn: VPN gateway IP address: 10.6.112.1
2022/01/19 11:43:51 INFO port forwarding: Found saved forwarded port data for port 58029
2022/01/19 11:43:51 INFO port forwarding: Forwarded port data expires in 50 days
2022/01/19 11:43:51 INFO port forwarding: Port forwarded data expires in 50 days
2022/01/19 11:43:51 INFO port forwarding: port forwarded is 58029
2022/01/19 11:43:51 INFO firewall: setting allowed input port 58029 through interface tun0...
2022/01/19 11:43:51 INFO port forwarding: writing port file /gluetun/forwarded_port
2022/01/19 11:43:52 INFO ip getter: Public IP address is 154.57.3.97 (Greece, Attica, Athens)

Share your configuration

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    environment:
      - VPNSP=private internet access
      - OPENVPN_USER=*********
      - OPENVPN_PASSWORD=*********
      - REGION=Greece
      - PIA_ENCRYPTION=normal
      - PORT_FORWARDING=on
      - HTTPPROXY=on
      - TZ=Europe/Athens
      - FIREWALL_OUTBOUND_SUBNETS=192.168.1.0/24
      - PORT_FORWARDING_STATUS_FILE=/gluetun/forwarded_port
    ports:
      - 9091:9091 # Transmission
      - 8020:8020 # pyLoad
      - 6881:6881 # Transmission
      - 8040:8000 # Gluetun HTTP Control Server
      - 8888:8888 # HTTP Proxy
      - 8766:80   # Speed Test VPN
    volumes:
      - ./gluetun-data:/gluetun
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=1
    restart: unless-stopped
  torrent:
    container_name: transmission
    image: ghcr.io/linuxserver/transmission
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Athens
    volumes:
      - ../transmission/transmission-config:/config
      - ../transmission/downloads:/downloads
      - ../transmission/watch:/watch
    network_mode: service:gluetun
    restart: unless-stopped
  downloader:
    image: lscr.io/linuxserver/pyload
    container_name: pyload
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Athens
    volumes:
      - ../pyload/pyload-config:/config
      - ../pyload/downloads:/downloads
    network_mode: service:gluetun
    restart: unless-stopped
  speedtest:
    container_name: speedtest-vpn
    image: henrywhitaker3/speedtest-tracker
    volumes:
      - ../speedtest-vpn/speedtest-config:/config
    environment:
      - TZ=Europe/Athens
      - PGID=1000
      - PUID=1000
      - OOKLA_EULA_GDPR=true
    logging:
      driver: "json-file"
      options:
        max-file: "10"
        max-size: "200k"
    network_mode: service:gluetun
    restart: unless-stopped
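
A triage helper for logs in the format posted above, added here as an example (not gluetun's code and not written by anyone in this thread): it lists the WARN/ERROR lines and extracts the OpenVPN option mismatches, such as the link-mtu and comp-lzo warnings in that log. The function names are illustrative, and the thread does not attribute the slow speeds to these warnings.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Sample lines copied from the two logs posted in this thread.
SAMPLE_LOG = """\
2022/01/19 11:43:31 INFO openvpn: UDP link remote: [AF_INET]154.57.3.97:1198
2022/01/19 11:43:32 WARN openvpn: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1542'
2022/01/19 11:43:32 WARN openvpn: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022/01/19 11:43:32 INFO openvpn: Initialization Sequence Completed
2022/01/19 11:43:49 WARN dns over tls: context deadline exceeded (Client.Timeout or context cancellation while reading body)
2022/01/20 07:16:12 ERROR exec: "openvpn2.4": executable file not found in $PATH
"""

LINE_RE = re.compile(
    r"^(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) (DEBUG|INFO|WARN|ERROR) (.*)$")
INCONSISTENT_RE = re.compile(
    r"'(?P<opt>[^']+)' is used inconsistently, "
    r"local='(?P<local>[^']*)', remote='(?P<remote>[^']*)'")
ONE_SIDED_RE = re.compile(
    r"'(?P<opt>[^']+)' is present in (?P<side>local|remote) config "
    r"but missing in (?:local|remote) config")


@dataclass
class Mismatch:
    option: str
    local: Optional[str]   # None when the option is absent on this side
    remote: Optional[str]


def parse_lines(log):
    """Yield (timestamp, level, message); banner and settings-tree lines are skipped."""
    for raw in log.splitlines():
        m = LINE_RE.match(raw)
        if m:
            yield m.groups()


def problems(log):
    """All WARN and ERROR entries, in log order."""
    return [e for e in parse_lines(log) if e[1] in ("WARN", "ERROR")]


def option_mismatches(log):
    """OpenVPN warnings reporting that local and remote options differ."""
    found = []
    for _, level, msg in parse_lines(log):
        if level != "WARN" or not msg.startswith("openvpn: "):
            continue
        m = INCONSISTENT_RE.search(msg)
        if m:
            found.append(Mismatch(m["opt"], m["local"], m["remote"]))
            continue
        m = ONE_SIDED_RE.search(msg)
        if m:
            on_remote = m["side"] == "remote"
            found.append(Mismatch(m["opt"],
                                  None if on_remote else m["opt"],
                                  m["opt"] if on_remote else None))
    return found


def numeric_delta(mm):
    """Local minus remote when both sides end in an integer (e.g. link-mtu), else None."""
    if mm.local is None or mm.remote is None:
        return None
    lo, re_ = mm.local.split()[-1], mm.remote.split()[-1]
    return int(lo) - int(re_) if lo.isdigit() and re_.isdigit() else None
```
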

qdm12 commented 2 years ago

What device are you using? Which country are you physically located in?

Try disabling the firewall with FIREWALL: off maybe that puts too much load on your device?

You might want to compare with a VPN server near your location to ensure you compare processing and not some random bandwidth bottleneck.

qdm12 commented 2 years ago

There is also a memory issue #765 where gluetun uses 500mb of ram (due to servers data being kept in memory) so maybe your device is low on ram. I'm working on fixing it currently.

ispiropoulos commented 2 years ago

> What device are you using? Which country are you physically located in?
>
> Try disabling the firewall with FIREWALL: off maybe that puts too much load on your device?
>
> You might want to compare with a VPN server near your location to ensure you compare processing and not some random bandwidth bottleneck.

First of all, congratulations for gluetun, seems like you have put a lot of effort to code / maintain.

The server is indeed in my Country (Greece), both the PIA server and the speedtest server.

I just tried with environment variable - FIREWALL=off but unfortunately the same outcome.

> There is also a memory issue #765 where gluetun uses 500mb of ram (due to servers data being kept in memory) so maybe your device is low on ram. I'm working on fixing it currently.

The memory and cpu usage does not seem to be high, > docker stats gluetun returned this while running the speedtest:

Screenshot 2022-01-19 at 2 38 52 PM

Weird thing; I also tried docker-wireguard-pia and linuxserver/wireguard and have similar low speeds. Only docker-openvpn-client seems to be working, but I'd love to see gluetun work for me for the convenience of port forwarding etc.

Could it be some docker image setting that makes it so slow? Unfortunately, while I am a software engineer, my experience with docker is 0.

qdm12 commented 2 years ago

> First of all, congratulations for gluetun, seems like you have put a lot of effort to code / maintain.

Thanks 💯

> The server is indeed in my Country (Greece), both the PIA server and the speedtest server.

Awesome 🎖️

> I just tried with environment variable - FIREWALL=off but unfortunately the same outcome.

Got it. docker-openvpn-client also uses some iptables firewall so similar to gluetun. Thanks for confirming it's not that.

> Weird thing; I also tried docker-wireguard-pia and linuxserver/wireguard and have similar low speeds.

With all the praises and prayers to wireguard, this is just hilarious. Anyway, this is bugging me as much as it is for you 😄

> Could it be some docker image setting that makes it so slow? Unfortunately, while I am a software engineer, my experience with docker is 0.

No worry, happy to help! I checked their Dockerfile and it looks like it's just OpenVPN on alpine:3.15 like gluetun is. So probably not a docker image issue, it's the same package. Although gluetun installs both openvpn 2.4 and 2.5 to be retro-compatible, maybe that's a problem.

  1. I built and pushed gluetun with openvpn 2.5 only (not 2.4) at qmcgaw/gluetun:802 can you try? It probably won't help but who knows.
  2. When running the test with docker-openvpn-client, did you use it in the same docker-compose.yml (with transmission connected to it)?
  3. Maybe you got lucky and went on a low usage VPN server when you tested docker-openvpn-client? Did you benchmark it multiple times, as in shutting the VPN container down and re-connecting?

I also checked docker-openvpn-client's entrypoint and there is nothing extra compared to gluetun (no picking of best server etc.)

ispiropoulos commented 2 years ago

> Could it be some docker image setting that makes it so slow? Unfortunately, while I am a software engineer, my experience with docker is 0.
>
> No worry, happy to help! I checked their Dockerfile and it looks like it's just OpenVPN on alpine:3.15 like gluetun is. So probably not a docker image issue, it's the same package. Although gluetun installs both openvpn 2.4 and 2.5 to be retro-compatible, maybe that's a problem.
>
>   1. I built and pushed gluetun with openvpn 2.5 only (not 2.4) at qmcgaw/gluetun:802 can you try? It probably won't help but who knows.

Thanks. Just tried and I'm getting this error:


========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version unknown built on an unknown date (commit unknown)

🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2022/01/20 07:16:12 INFO storage: merging by most recent 11100 hardcoded servers and 11100 servers read from /gluetun/servers.json
2022/01/20 07:16:12 INFO Alpine version: 3.15.0
2022/01/20 07:16:12 ERROR exec: "openvpn2.4": executable file not found in $PATH
2022/01/20 07:16:12 INFO Shutdown successful

>   1. When running the test with docker-openvpn-client, did you use it in the same docker-compose.yml (with transmission connected to it)?

Yes. Transmission, pyLoad, and that speedtest-tracker container working great with docker-openvpn-client.

>   1. Maybe you got lucky and went on a low usage VPN server when you tested docker-openvpn-client? Did you benchmark it multiple times, as in shutting the VPN container down and re-connecting?
>
> I also checked docker-openvpn-client's entrypoint and there is nothing extra compared to gluetun (no picking of best server etc.)

I think it's not luck, also tried with other countries like France and Austria, speed difference was there as well. One thing I noticed with France is that when I connected with gluetun and ran the speedtest image I showed on my initial issue post, speedtest-cli showed me a different ISP (something in Chile) although the gluetun logs showed that I was connected to France and the ip it gave me was in France. I can try again in an hour and provide logs and screenshots.

Also, I think it's noteworthy that:

ispiropoulos commented 2 years ago

I completely removed the gluetun container, all the cached images my docker instance was not using, all the unused networks, and fetched again from gluetun:latest. And now I get fast speeds.

This is very very weird.

The weirdest part is that I also tried running the container on a raspberry pi 3b+ I have (on the same network as my main home server) just before I did that clean up and I had the same issue.

UPDATE:

After a reboot on the host machine, same problem happens again.

ispiropoulos commented 2 years ago

Update:

After that reboot I mentioned earlier, I had very poor speeds even with docker-openvpn-client.

I then tried to use the configuration files with gluetun in custom provider mode. Same results (and I have to change the host name on the conf file into an ip, hostname resolved in multiple ips, so I tried one by one with various results for each one, but generally slow speeds (1,5 - 6 mbps)).

Then, I changed the protocol to tcp with the - OPENVPN_PROTOCOL=tcp environment variable and scheduled a speedtest to occur every 15 minutes overnight. With the exception of two consecutive runs, I've been getting way better speeds, around 40-70mbps.

qdm12 commented 2 years ago

Maybe it's just that their UDP servers are overloaded (since it's the default for Openvpn) perhaps?

Protocol wise, since you are wrapping mostly TCP traffic in UDP traffic when using UDP, it's not a matter of unreliable connection. If you get bad speeds with Wireguard as well which uses UDP, that's also strange. Maybe only OpenVPN TCP servers are not overloaded. It might be worth asking them directly 🤔

I'll leave the issue opened for a few more days if you find more things, and then I'll document that in the wiki page as a tip 😉

ispiropoulos commented 2 years ago

Hi Quentin, I have not forgotten about this "issue", just being swamped with work. Been running smoothly via TCP for days. Have tried UDP again but with the same issues. I will send over an email to PIA and let you know.

RW21 commented 2 years ago

I am also facing the issue. Tried OPENVPN_PROTOCOL=tcp, but no luck. Doesn't seem like a tcp/udp problem for me...

qdm12 commented 2 years ago

It might be depending on VPN server load. I think they (PIA) have an API to fetch the load of a server if I'm not mistaken. Other than that, I can't really help as it can be due to a bunch of external factors (memory available, speed test server load, vpn server load, connection bandwidth, connection reliability, cpu load on your machine, to name a few)

RW21 commented 2 years ago

Hmm, maybe perhaps it's a pia server issue. I am getting fast uploads, but slow downloads. I have tested older version of gluetun which used to work fine, but still get the same issue.

RW21 commented 2 years ago

Just a question: does - OPENVPN_PROTOCOL=tcp work when - VPNSP=private internet access? Do I need to use openvpn mode to enable it?

qdm12 commented 2 years ago

@RW21 It is openvpn by default, and wireguard isn't supported for PIA yet. Anyway if you're in doubt, you can just try the settings and gluetun will complain if a setting is not valid, there is a decent validation system in place.

RW21 commented 2 years ago

:+1: Thanks for the prompt reply. For me, changing the protocol to TCP didn't affect the speed. I will try to recreate the environment in another machine.

RW21 commented 2 years ago

btw, I'm getting way better speeds on other machines. Seems to be a problem with my raspberry pi.

qdm12 commented 2 years ago

@RW21 interesting. You can check in htop if openvpn uses a lot of CPU or memory;

If it does use a lot of CPU, you can subscribe to #612 to know when wireguard is implemented for PIA, it might help reduce CPU load.

Otherwise, it might be because raspberry Pis (except 4 I think) have 100mbps ethernet so limited to 12.5MB/s, and that's most likely worse in Wifi, maybe that's the reason?

RW21 commented 2 years ago

Yes I did notice that my raspberry pi was consistently using 80% of cpu resource (not only from gluetun, but from a bunch of different services), but I'm sure this is not the root cause, since it used to work fine under this condition.

As an update, I finally upgraded from Ubuntu 21.04 to 21.10, and this somehow fixed it. But it is weird considering before the upgrade, internet speeds were fine except for gluetun. I suppose some kernel update fixed the problem.

Anyways, thanks for your help! Wireguard on PIA looks very promising. I am looking forward to it :+1:

qdm12 commented 2 years ago

Cool! I'll close this issue for now then.

Also regarding Wireguard, don't expect too much from it. It does bring benefits if the VPN server is nearby and your CPU is single-thread bad (:eyes: raspberry pi), but otherwise it will likely give the same performance as openVPN.