Hi
My qnap ts251d is slow when it comes to encrypted connections. I try to access it via tailscale or zerotier one and I am limited to 2mbits while without my qnap is able to upload at 70mbits.
Tailscale tells me that I am in direct connection… it’s the same when I connect with a more classic vpn.
I thought it might be related to the cpu but no, its usage is still very good.
Any ideas?
Thanks
making some progress in my research!I tested a clean wireguard and access via qfile and then samba.I have a huge flow in LAN however connected with wireguard. It is in WAN by internet that the saturation is done. With fiber connections at each end. So I think there is a problem of routing… Maybe.
But my wan is ok when it’s not encrypted… NAS vs external FTP is full speed.
This is the trade off of VPN connections. Bandwidth for security. You might get better speeds from other providers but no where near 70mbits
This is a common VPN issue. Wireguard is generally MUCH faster so if you can use that over OpenVPN, etc you may see better speeds.
My understanding is ideally you need a dedicated beefy hardware Router like something methane sell to do the vpn encryption fast enough or possible even have hardware accelerated encryption.
70mbits sounds like the native/read write speed if the raid array. Using vpn, you are limited to the slowest link in the connection. Cable and ADSL are faster in the download direction. Downloading Over vpn from qnap you are receiving traffic in the slow direction. Use fast.com to test your speed. Second there are two isps at play, the one serving the qnap and the one you are using to access. Again check fast.com. I have had excellent results using openvpn under most link conditions.
Vpn itself will impose a 10-20% performance hit due to additional encapsulation. It also increases packet size so you may be encountering fragmentation. If you are doing a lot of small transmissions then it may be a latency issue. It is not likely a cpu issue with a x251. Lastly isp may be doing some packet shaping. Cant speak for other vpns, they might be imposing a fup that limits your speed.
It is not a vpn connection through a provider. But directly between several of my remote machines or Android mobile.
historically i got 1:1 speeds everywhere, every ISP vs every VPN. e.g. 500/500 = 500/500. there are only 3 limits: client cpu, your bandwith, server bandwith*. *servers switching to 10gbit, so this is fixed too.
Tailscale is normally using wireguard
Ok, my mistake. But that just explains why you’re connection is slower than mine.
From the perspective of your NAS you are measuring upload speed and I was comparing that to my VPN download speeds. Unless you have full duplex from your ISP, your upload speed will be slower.
All that aside, encryption by VPN has a cost. You sacrifice speed for security. What you’re experiencing is normal
If you got cable internet you’re sharing your internet with your neighbors. Which means at peak times you could very well be running up against the limits of the medium. They also typically don’t give you 1:1 upload:download speeds cuz they don’t want you running web servers or other servers (custom or store bought). Otherwise the couldn’t sell you their business tier which is 1:1 upload-download
Yea, but it can only connect via a relais.
Or does in direct mean direct?
I have a fiber 2gbps download connection and 500mbits upload. My qnap does this without any problem (capped at 1gbps because of the port) in upload or download on ftp. I fall to 2mbits in encrypted flow. Whether it is on openvpn or tailscale which goes through wireguard. It’s the fall to hell compared to the bandwidth I have 
that’s all wrong too, though some points were valid decades ago. there’s no such aggregation, i have the max speeds on the cable all day (or i call the hotline) and often initial burst of double or tripple the bandwith. i can choose download/upload myself. and if not, the typical basic offer is 500:500. only the very archaic DSL operators have poor upload. millions of people have optics, 2000mbit for example and it costs 20 bucks. and of course i run a server, and noone can be bothered as it’s none of their business. and not a byte goes through ISP, all goes through a 10gbit VPN server. i choose another country to have ultraresponsive Nvidia GFN and my ping is still 10ms via VPN. i run monitoring scripts all day. i measure the quality of the routing, and sometimes i find a better way to boost my traffic from AAA++ to AAA+++:)
You’re wrong.
DSLReports has the information to prove it. For example, a significant portion of Comcast Xfinity (a cable company) customers are recording aggregate speed tests with download speeds at or above100MBits/s while upload speeds lag at about 10mbits/s or lower with some fringe spikes up to about 80mbits/s. Some of the data in that aggregate being from less than an hours ago.
So you’re not disagreeing with me but you’re disagreeing with empirical data of hundreds of thousands of customers from Xfinity and other cable companies.
Upload/ Download speeds differ by quite a lot. If you choose to die on this hill it’ll be a worthless death.
In that result, the upload to download is almost 1:1? Maybe im forward thinking, but DSL is previous century technology. People in caves will keep it, others will switch to Fiber 1:1, that’s the future. Will people actually use that upload? No. Statistically they don’t, because they are typically unproductive people & dumb receivers of information. But the ridiculous upload ratios will die as they tie up specifically to bad old DSL. And to the original point, VPN can squeeze 100% of the connection in many cases, if routing isn’t bad (ISP + VPN). It’s not right to keep spreading backward thinking how VPN must be “slow by nature”. Such statements are of poor taste.
Again, you’re not arguing with me. You’re arguing with the numbers and apparently losing cuz you don’t appear to be able to interpret a graph. So let me provide a table of Comcast Xfinity, Time Warner Cable, Charter Cable and Cox Cable customers. Not one… NONE! … of these results are DSL. The only person mentioning DSL is you.
| Test Number | Download (mbits/s) | Upload (mbits/s) | Ratio |
|---|---|---|---|
| 71123028 | 66.8 | 33.1 | 2.0 |
| 71175813 | 99.4 | 40.1 | 2.5 |
| 71153515 | 91.3 | 26.8 | 3.4 |
| 71146856 | 128.9 | 11.11 | 11.6 |
| 71125348 | 77.9 | 14.82 | 5.3 |
| 71146401 | 84.7 | 41.8 | 2.0 |
| 71143927 | 111.7 | 45.7 | 2.4 |
| 71198940 | 65 | 44 | 1.5 |
| 71129144 | 206.5 | 43.1 | 4.8 |
| 71140951 | 185.4 | 21.89 | 8.5 |
| 71170166 | 98 | 16.56 | 5.9 |
| 71182721 | 31.6 | 11.64 | 2.7 |
| 71185234 | 41.3 | 11.39 | 3.6 |
| 71121760 | 51.4 | 10.46 | 4.9 |
| 71172916 | 75.9 | 11.17 | 6.8 |
| 71162950 | 27.4 | 5.91 | 4.6 |
| 71192442 | 9.78 | 5.5 | 1.8 |
| 71148387 | 60.8 | 13.02 | 4.7 |
| 71190823 | 130.5 | 61.8 | 2.1 |
| 71139843 | 186.4 | 59 | 3.2 |
| 71199103 | 102.2 | 11.41 | 9.0 |
| 71138719 | 20.72 | 10.78 | 1.9 |
| 71165548 | 15.19 | 9.83 | 1.5 |
| 71148395 | 82.8 | 5.62 | 14.7 |
| 71125531 | 102.7 | 37.7 | 2.7 |
| 71188321 | 55.5 | 10.37 | 5.4 |
| 71160381 | 90.1 | 11.64 | 7.7 |
| 71170768 | 29 | 12.02 | 2.4 |
| 71188066 | 184.2 | 11.98 | 15.4 |
| 71180100 | 243 | 11.6 | 20.9 |
| 71175719 | 73.9 | 10.49 | 7.0 |
| 71125352 | 73.2 | 10.69 | 6.8 |
| 71146257 | 95.3 | 9.71 | 9.8 |
| 71137650 | 22.69 | 11.01 | 2.1 |
| 71194306 | 30.2 | 8.93 | 3.4 |
| 71108668 | 92.3 | 39.2 | 2.4 |
| 71130635 | 28.9 | 10.58 | 2.7 |
That’s NOT ~1:1. There is not a single test result in this list where the download isn’t…IS NOT… at least ~50% faster than upload speed. All these numbers are 4 months old or less. So, this is current technology.
Also, VPN traffic has more data and requires more processing time than unencrypted data without VPN. Inherently this will make VPN traffic slower ever time. There is no way this can be overcome without unencrypting the data by not using VPN in the first place.
You are sounding like a complete idiot that people just allowed you to continue sounding stupid rather than engaging you.
You are wrong! Accept it …or not. IDC
No, you are wrong. I switched from 300:300 to 500:500 recently, and i can easily measure speeds with and without VPN and it’s the same. But there’s a catch: i don’t live in US;) We don’t have rules like telco lock (mobile phone must be registered to a specific operator), or ‘no rooting’, or streaming throttling (killing internet neutrality), or 2year plan lockins. Most of this toxic stuff is actually banned in EU. Free market my arse. And we have cheap prices so we don’t need “Federal Government’s Affordable Connectivity Program” marxist stuff.
But i see there are lot of folks living outside of main cities who have slow internet. Same here. Prayers to them. They either have DSL or coax (cable). Both technology of the past.
Back to the most important topic. You don’t seem to grasp technology a bit, that’s why you throw the false claims. You’re like on of those folks who heard once BRTFS is a bad filesystem, or Windows tracking can’t be turned off, or disk hibernation shortens hardrive lifetime, and keep posting about those false narratives forever, even if they were debunked. So to explain, VPN does need more processing power but not necessarily processing time. VPN server has enough processing power to serve the users. Enough bandwith too. On client side, if you have a matching bandwith and enough processing power (should be the case in case of most PCs, and routers with wireguard - there is only exception of openvpn on router), you can easily get the same bandwith and ping as ISP unless it’s purposedly throttled down by some “free market ISP” which again is something i never experienced. Or you live in Alaska, with no VPN point, and you connect to VPN in Brazil. That will slow you down even without VPN, as the routing can’t be perfect everywhere. And here come my optimizations, i might purposedly connect to a much further VPN if I detect a better routing, a stronger backbones on my route. I can see the participant ASNs, their peering in the public databases and i calculate the best routing. This will further improve my speeds abroad if my domestic consumption is low. But tweaking aside, i switched several VPN operators, and ISPs, and the speeds were always 1:1 to ISP. Simply because VPN server is just one point on a route - nothing else. And you will have a VPN point in some major city, and you would route there even via ISP => same speeds. “There’s no way this can be overcome” - come on:D “VPN traffic slower every time” - haha. Totally wrong!
Let me fix it for you:“Also, VPN traffic has slightly more data and requires more processing power than unencrypted data without VPN. Bad routing will make VPN traffic slower sometimes. The way this can be overcome is to connect to the closest VPN server and connect with PC if my cheap router is slow even for Wireguard. I am sounding like a complete idiot that people just allowed me to continue sounding stupid rather than engaging me.”
I’m not wrong! I’m simply pointing to data. You are saying data is wrong.
Which sply means you are embarrassed bcuz your ego is bruised.
That’s all this is. You’re trying to save face by saying the data is wrong and that your singular experience trumps the experience of hundreds of thousands of cable users.
Pathetic
look at your initial statement - it’s wrong. Just admit it.