Bug: Internet Speedtest Slow #311
Comments
|
Hey there! I doubt this has to do with the container as it uses openvpn under the hood. But nonetheless, it's interesting to find out why you see such differences.
|
|
I am connecting another container to the Gluetun container to run the speedtest that sees the different results. I am not connecting a Windows machine to the Gluetun container to run a speedtest. I think that is what you are asking. I am using the openvnp protocol on the Windows test machine in the PIA client. I have not tired the openvpn client on the Windows 10 machine since the speeds it is getting seem to be fine. So in summary: |
|
Yes thanks for clarifying, that's what I understood too. Try connecting with openvpn on your Windows machine so we can compare apples to apples. If there is still a difference, the only explanation I can think of would be the virtual machine Docker Desktop uses is being throttled or is slow at running crypto operations for openvpn, but that's unlikely. Have you tried on another PIA & speedtest server? Do you get the same observation? |
|
I think we can rule out the Windows host, docker desktop, hyper-v, and the docker VM. A speedtest from a container not connected to Gluetun gets 276.75 Mbps and the Windows host itself gets 317.19 Mbps. It looks like the issue is with the OpenVPN client. A speedtest using the PIA client is almost 3x faster from the Windows 10 machine. I tried following this guide to get it working in container, but did not have any luck. https://www.pclinuxos.com/forum/index.php/topic,150355.0.html Any plans to add the PIA client to the container for PIA users? ;-) I also ran the test from a container connected to Gluetun against a Chicago speedtest server and the same test from a Windows 10 machine using the PIA client connected to the same Speedtest server. Results were similiar in that the Windows 10 machine is about 3x faster. FROM A WINDOWS 10 MACHINE CONNECTED TO PIA (US Chicago) using the PIA client against a Chicago speedtest server FROM A DOCKER CONTAINER CONNECTED TO Gluetun (PIA Chicago) against a Chicago speedtest server FROM A WINDOWS 10 MACHINE CONNECTED TO PIA (US Chicago) using the PIA client against a Wichita speedtest server FROM A WINDOWS 10 MACHINE CONNECTED TO PIA (US Chicago) using the OpenVPN client against a Wichita speedtest server FROM A DOCKER CONTAINER CONNECTED TO Gluetun against a Wichita speedtest server |
|
Another step you could try relatively simply on your Windows 10 host is to try with Wireguard. It's relatively simple to install and setup. Maybe that's what PIA's app is using under the hood which is known to be a bit faster. If it's faster I'll accelerate the focus on #134 otherwise it might just be PIA being not nice and prioritizing their app 😢 Their CLI application
So let's hope it works better with Wireguard 😄 Otherwise you can always ping their support, I would be curious to see their answer 🤔 Thanks! |
|
There is no support from PIA on connecting using the Windows Wireguard client and I did not see anyone who has successfully done this with a how to posted. PIA does have a beta of Linux scripts to connect. I tried to get Wireguard working in both an Alpine and Debian Docker image using the development scripts provided by PIA. I could not get either either to work. Could not get past "bash: ./get_region_and_token.sh: No such file or directory" in either image. Tried several things, but could not figure it out. Linux is not my fotre. I can get the script to run in the gluetun image, but it fails to connect probably because it is already connected using the openvpn client. Seems like it gets 95% of the way there and then fails. |
|
I've noticed similar behavior - a speedtest through gluetun results in a slower speed. While running the speedtest through gluetun, I've had "top" running on the host OS and can see that openvpn is pinning the CPU, so it just looks like openvpn is CPU bound. Maybe it's the same for you, @samcro1967? I think that's been the case for me as long as I've used gluetun. No complaints on my end. I also appreciate that an open source VPN client is being used rather than PIA's proprietary client 😄 |
|
Yeah I'll try to get that Wireguard implementation started during Christmas, it may be faster than openvpn. @samcro1967 it's strange they don't have documentation for wireguard, but it should work similarly as on Linux I think. But yeah don't bother on Linux, you might need the wireguard Kernel module depending on your Kernel which is not that trivial to setup if you're not familiar with Linux. @raph521 Thanks for your input, interesting that it's bottlenecked. @samcro1967 How many CPU cores did you assign to your Docker Desktop daemon? What's your CPU? |
|
I have 8 CPUs assigned to Docker. My Docker host CPU is an Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz. ctop is showing the container using 60 MB of memory and CPU is 0%. |
|
I was curious how much of a difference wireguard would make, and found this image that supports PIA through wireguard: https://hub.docker.com/r/thrnz/docker-wireguard-pia Turns out, it made a huge difference! Both tests were performed while connected to the CA Montreal region. And for the wireguard test, I'm using the userspace wireguard implementation (wireguard-go) as I'm on Debian Buster and I don't think wireguard is baked into the legacy kernel used there. PIA through gluetun (using openvpn) PIA through docker-wireguard-pia (using wireguard) |
|
I found several posts from other users that VPN on Docker Desktop for Windows is very slow. I spun up an Ubuntu VM and installed docker. Testing both clients shows that Wireguard is quite a bit faster than OpenVPN for me also. Wireguard Client OpenVPN Client |
|
Alright let's close this for now. I'm digging into adding Wireguard (follow #134) as I'm writing this, with PIA 'experimental' support first. That's crazy there is such a big difference even with the user space implementation, I didn't expect it to be THAT fast! 👍 |
|
Also apparently Wireguard uses all CPU cores whereas openvpn limits itself mostly to 1 cpu core. More on this discussion. Anyway that seems like a required improvement now for this image. |
|
Just adding in here that I'm experiencing similar unexplained throttling using Mullvad. No VPN connection on my WIndows machine gives around 380 down / 40 up. A docker container not connected via VPN similarly gets around 370/35 Connecting via Gluetun to the same city Mullvad servers the best I've seen is 85 / 30. Hope the Wireguard implementation is progressing :) |
|
@estate000 are these running on the same machine? I'll do some testing on my machine. I also made some progress on wireguard but it's not there yet unfortunately. |
|
To be fair no they're not. The Windows machine is a 10th gen i7, but the containers are running on a Pentium (Syno DS916+). |
|
@estate000 Take a look at thrnz/docker-wireguard-pia. I am getting about
90% line speed consistently. Port forwarding from the VPN container to
another does not work so only use it for apps that you do not need a webUI
for. Looking forward to gluten supporting wireguard so I can switch and
selectively run containers behind a VPN.
…On Sun, Feb 21, 2021 at 1:18 PM estate000 ***@***.***> wrote:
To be fair no they're not. The Windows machine is a 10th gen i7, but the
containers are running on a Pentium (Syno DS916+).
I don't currently have docker running on Windows but I can set that up to
do a proper apples-to-apples comparison if that would help.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#311 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AARWIVMAJUOZX4KDBDDHVYLTAFL7RANCNFSM4UVPUFUQ>
.
--
*Mark E. Hickey*
*1906 Lunenburg Dr.*
*St. Peters, MO 63376*
*636-344-0706*
|
|
Context: I'm based in Montreal Canada, and using Mullvad Summary table:
Conclusions:
Details: France Paris VPN serverGluetun on a Linux host (ryzen 2600x)Gluetun on a Windows host (ryzen 5900x + docker desktop with 6 CPUs assigned)Openvpn on Windows host (5900x all cores)Alpine container using Openvpn running on Windows host (5900x all cores)Canada Montreal VPN serverGluetun on a Linux host (ryzen 2600x)Gluetun on a Windows host (ryzen 5900x + docker desktop with 6 CPUs assigned)Openvpn on Windows host (5900x all cores)Alpine container using Openvpn running on Windows host (5900x all cores) |
Host OS :
Microsoft Windows [Version 10.0.19042.685]
Client: Docker Engine - Community
Version: 19.03.5
API version: 1.40
Go version: go1.12.12
Git commit: 633a0ea
Built: Wed Nov 13 07:22:37 2019
OS/Arch: windows/amd64
Experimental: false
Is this urgent?:
No
What VPN provider are you using:
PIA
What are you using to run your container?:
What is the version of the program (See the line at the top of your logs)
What's the problem 🤔
Slow speedtest with container connected to PIA versus the same test when not connected from a container and a Windows 10 machine.
FROM A DOCKER CONTAINGER CONNECTED TO PIA
FROM A DOCKER CONTAINGER NOT CONNECTED TO PIA
FROM A WINDOWS 10 MACHINE CONNECTED TO PIA (US Chicago)
Logs
The text was updated successfully, but these errors were encountered: