Download speed from NAS behind the router is slower from WAN than through VPN

RouterOS General
1

Hi

I have hAP ac³ as a home router and Synology NAS behind it with port forwarding rules configured for external access. Recently I noticed that download speed from NAS is drastically different in various situations.

  1. When I’m downloading for internet in location “A” downloads are very slow.


  2. From the same location when I access NAS through wireguard VPN (the VPN is configured on the router itself, not the NAS) the download speed is 3 to 5 times higher than in case (1)


  3. I asked some friends in different locations to test the speed for me when downloading from NAS directly (no VPN) and the results are different for them - some get the same speed as I do in case (1), some get something closer to case (2)


  4. I tried measuring the speed to router itself using BTest and got the reuslt far superior to what I see in cases (1) and (2).

Since the speed changes depending on how I access the NAS (WAN or VPN) I started thinking that something might be wrong with my router configuration. However I couldn’t really work out what might be having such impact. I’d appreciate any help with diagnosing and fixing the issue, redacted router configuration is attached.
hap_ac3.rsc (15.7 KB)

2

I ran some ipref3 tests between NAS and two different locations:

  1. Location A to NAS no VPN (NAS receives, Location A sends):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   173 MBytes   145 Mbits/sec    0             sender
[  5]   0.00-10.00  sec   171 MBytes   144 Mbits/sec                  receiver
  1. Location A from NAS no VPN (NAS sends, Location A receives):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  1.26 MBytes  1.05 Mbits/sec   23             sender
[  5]   0.00-10.00  sec  1.13 MBytes   944 Kbits/sec                  receiver
  1. Location A to NAS via WireGuard VPN on Mikrotik (NAS receives, Location A sends):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  81.4 MBytes  68.3 Mbits/sec    0             sender
[  5]   0.00-10.00  sec  79.7 MBytes  66.8 Mbits/sec                  receiver
  1. Location A from NAS via WireGuard VPN on Mikrotik (NAS sends, Location A receives):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  1.76 MBytes  1.48 Mbits/sec   16             sender
[  5]   0.00-10.00  sec  1.67 MBytes  1.40 Mbits/sec                  receiver
  1. Location A to NAS via L2TP/IPSec VPN on Mikrotik (NAS receives, Location A sends):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  35.8 MBytes  30.1 Mbits/sec   53             sender
[  5]   0.00-10.00  sec  34.8 MBytes  29.2 Mbits/sec                  receiver
  1. Location A from NAS via L2TP/IPSec VPN on Mikrotik (NAS sends, Location A receives):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  2.28 MBytes  1.91 Mbits/sec   10             sender
[  5]   0.00-10.00  sec  2.07 MBytes  1.74 Mbits/sec                  receiver
  1. Location B to NAS no VPN (NAS receives, Location A sends):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   340 MBytes   285 Mbits/sec  277             sender
[  5]   0.00-10.00  sec   339 MBytes   285 Mbits/sec                  receiver
  1. Location B from NAS no VPN (NAS sends, Location A receives):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  21.2 MBytes  17.8 Mbits/sec  235             sender
[  5]   0.00-10.00  sec  21.2 MBytes  17.7 Mbits/sec                  receiver
  1. Location A to Location B (Location B receives, Location A sends):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   410 MBytes   344 Mbits/sec  165             sender
[  5]   0.00-10.05  sec   410 MBytes   342 Mbits/sec                  receiver
  1. Location B from Location B (Location B sends, Location A receives):
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.06  sec  33.5 MBytes  27.9 Mbits/sec   61             sender
[  5]   0.00-10.00  sec  32.6 MBytes  27.4 Mbits/sec                  receiver

The strange thing is that receiving data to Location A from NAS is faster through VPNs than directly, even though the bandwidth on both sides should allow a higher speed, but for the other direction it exactly the opposite.

Running speedtest-cli from NAS directly I get the following results:

Download: 262.68 Mbit/s
Upload: 182.82 Mbit/s

I also ran a couple of tests using BTest as well (TCP, receive):

  1. From Location A to Mikrotik directly:
    2024-08-14 01_42_31-MikroTik Bandwidth Test v0.1.jpg
  2. From Location A to Mikrotik via WireGuard VPN on Mikrotik:
    2024-08-14 01_38_25-MikroTik Bandwidth Test v0.1.png
  3. From Location A to Mikrotik via L2TP/IPSec VPN on Mikrotik:
    2024-08-14 01_33_50-MikroTik Bandwidth Test v0.1.png

Here the download speed is higher directly than through VPN and is higher than when downloading from NAS.

3

Hello ayevee,

How are you fix this? I have the same problem. Real difference between upload and donload less then your but I want to fix it.

Thanks in advance,

BR Maryan