anyone notice a big hit between pptp and sstp?
i have a 5 mbit up on both isps
sstp barely can break 350k across tunnel
pptp is pushing well over 550k?
any comments anyone agree? does not seem to be cpu related, neither are maxxed out
I have much more over sstp.
As SSTP is a purely TCP based tunnel, it can suffer from TCP meltdown problem and may generally not deliver optimal performance on links that are not 100 percent clean and stable. You have the same issues when using OpenVPN TCP tunnels.
PPTP is using GRE to transmit encapsulated data, and does therefore not have this problem. However, SSTP is way better at working through NAT Firewalls. You need to select the correct tool for the situation at hand 
hmm,
im aware of the advantage, im trying to just understand the differences
my tunnel is stable with a 20ms response
same isp even
this is consistent across all my routers
what routers are you using where you are seeing better performance?
i know the cpu overhead is higher on sstp, but does it have more bandwidth overhead?
For example. Rb2011 as sstp server, omnitik as client with upload line capacity of 10mbit passes 9.3mbit thru the sstp tunnel.
im looking see more toward wan connections, as i have no need to test a vpn tunnel over local lan
It’s thru Internet, it means wan to wan tunnel. What else you want?
sorry it seemed like a local connection,
what code level are you running?
i am using a 2011 with a 750 as a client and see the reduction
That seems way too low… I remember getting more than 4Mbps using pure IPSEC/AES-192 and the old RB450 (not g). Sorry, I don’t have values for SSTP not PPTP…
2011 with 6.19 and omnitik with 6.18. Omnitik is the same like 750. I also tested sstp between two 750s on lan running 6.20 with about 80mbit passed, if I remember well - did not note the values, so hope it’s correct.
Same issue here. I’ve got a rock solid ISP cable connection. SSTP server: It has 160 megabit down, 10 megabit up.
I’m connecting from another line with the same ISP. This line’s profile is 60 megabit down, 3 megabit up.
PPTP: 8-9 megabit per second. Tested for 30 minutes downloading an Ubuntu ISO and with various speedtests.
Then SSTP: between 4.5 and 5 megabit. Often fluctuating below 4.5. Thus SSTP is about 50% slower.
Hardware:
Routerboard 850Gx2 using ROS 6.27
Windows 7 SSTP client
Notes:
Setting MTU did not help. I’ve tried 1460 and 1500 bytes.
RC4 or AES256 cipher is of little importance (RC4 is about 0.5 megabit faster on average)
my pptp numbers are much better then that, but yes i have a 100/100 connection that is barely breaking 3 mbit, support has stopped responding to my support request, even when i provide mounds of data, this is across a variety of devices at this point
What is the latency between the two points and what consumes cpu on both sides when tunnel goes at maximum?
latency is 30-40ms, cpu never maxes out, barely breaks 35% on a MAP2N,
on a pptp connection with both sides having 28/6 i can see over 600KBit, which is great, simply changing to sstp, both sides see 350mbit max, its a huge hit
i have a map2n behind a router doing sstp 100/100, it barely breaks 3/2mbit, using a win7 with sstp client, speeds are significantly better, i have also notice it changes over mikrotik levels, my best speeds on sstp were version 6.7
all of this is repeatable easily
I consider TCP-based tunnels like SSTP to be tunnels “of last resort”; see Why TCP Over TCP Is A Bad Idea. You only run them if you have absolutely no other alternative (e.g., either end of the tunnel is behind a firewall that you have no direct control over, or perhaps in the case of SSTP specifically, security is valued over performance).
Experiences will vary wildly depending on exact conditions, and running a tunnel like that over the internet instead of over a LAN exponentially compounds the number of variables that you have to account for (most of which you have absolutely NO control over) in order to have a “perfect” experience. I doubt there is anything that MikroTik can do about this. If you want to prove this to yourself, substitute an SSTP concentrator that isn’t RouterOS based on one end and an SSTP client that isn’t RouterOS based (e.g., Windows) on the other, and repeat your experiments. I bet that your experience will not be that much different than what you see with MikroTik gear.
As they say, “your mileage may vary”.
– Nathan
To recap:
SSTP-server:
850Gx2 on a 160/10 megabit connection (getting about 9 megabit upload on average - untunneled). Running ROSv 6.27
SSTP-client:
Windows 7 on a 60/4 connection (getting about 3.2 upload on average - untunneled)
My latency is pretty low: 12 - 18 ms without SSTP and around 30 - 35 with SSTP. Moreover, the RB850Gx2 SSTP-server is only 6 kilometres from the location where I connect to it with my Windows 7 SSTP-client. Note that the 850Gx2 forwards traffic to the internet - so traffic is flowing through the router - and a doubling in latency is just what I would expect when using the tunnel. CPU does not go over 10% I believe. CPU load is definitely NOT an issue.
Can you recommend another SSTP server? I’ve got a Windows server 2008 but it’s hard to move to the 160/10 location. Are there dedicated SSTP concentrators available?
funny note: when using the 60/4 connection as the SSTP server, I do get the complete 3.2 megabit of bandwidth. A Routerboard 450G with ROS 6.15 is running there.
How can you get over 600 megabit if the maximum upload on both sides is only 6 megabit?
typo i fixed it
simply connecting with a windows 7 client, and the speeds greatly increase, from the same connection point, back to the same sstp server.
i also have shown a huge difference in performance on 6.7 vs newer versions of 6.x but some of my devices can’t run at 6.7
I’ve got some more interesting information.
A friend has a 10/10 connection and has connected to my 160/10 SSTP-server. Limiting the SSTP connection to 7/7 got a stable 784 kilobyte per second connection (± 6.3 megabit). Limiting to 8/8 got the connection to 900 kilobyte per second. (± 7.2 megabit). The connection was stable the whole time downloading a 982 megabyte large Ubuntu ISO. At most it fluctuated 50 - 60 kilobyte per second when capping tot 8/8. When capping to 7/7 it did not seem to fluctuate at all!
Not limiting the SSTP connection got a fluctating connection between 1100 kilobyte per second and 500 kilobyte per second. Numbers went up and down all the time.
So why on earth is a 10/10 connection getting 900 kilobyte out of the SSTP when I, with my 60/4 connection, am only getting about 560 kilobyte per second (± 4.5 megabit).
Oh yeah, the friend is about 50 kilometres away from the SSTP server. Me only 6.