So I have an L2Tp/Ipsec connection between my house house in the USA and my house in Sweden in order to watch Swedish TV. Now I added a backup VPN server at my parents house but get much lower speed. I have spent about 200 hours trying to find what I have made different in this second setup but can't figure it out. Both sites have 100/100mbit connections.
Site 1. Is using a old RB850gx2 (ROS 6.49.2), it maxes out at around 50 mbit/s which is fine. I can see that the CPU usage is close to 100% so I am assuming that the CPU bottlenecking here..
SIte 2. Is using a RB5009 (ROS 7.0.5) . (I originally had an RB750Gr3 at this location and got the exact same results!)It maxes out at 35Mbits/s, with very low CPU usage.
Both site 1 and 2 uses a standard Mikrotik config where I have added a VPN-server.
Site 3, the VPN client, is using a RB750Gr3 (ROS 6.49.2). It is connected to internet via a bridged DSL modem, where the routerboard is also used as a PPPoE Client.
Since I can get good speeds between Site 1 and the Client. I have spent most of my effort on different configurations on Site 2. Things I tried playing around with is:
MTU/MRU : For the VPN connection, best speed seems to be if I set this to 1380
MRRU: Lowers the speed
Mangle-Change MSS: No difference
I am really not good at Wireshark so I do not know where to start to find out what is wrong here. One thing that have crossed my mind is that Site 1 and 2 uses different ISPs. Could it be something in the ISPs routing that is limiting the speed?
Is there any fundamental difference of how the 850gx2 and RB5009 handles MTU negotiation?
Thankful for any ideas...
Re: Annoying VPN problem
Yes, the fact that sites 1 and 2 have different ISPs can have an affect on the speeds you get as there are likely to have different network configurations (possibly including filtering) and tier 1 providers.
The other thing I noticed is that, for site 2, you are running ROS 7.0.5 but site 1 and the client site are running ROS 6.49.2. Are you able to downgrade site 2 to 6.49.2 and test to see if this makes any difference? You might want to take a look at the reports people have posted of speed issues after upgrading to ROS 7.1 (such as this one).
The other thing I noticed is that, for site 2, you are running ROS 7.0.5 but site 1 and the client site are running ROS 6.49.2. Are you able to downgrade site 2 to 6.49.2 and test to see if this makes any difference? You might want to take a look at the reports people have posted of speed issues after upgrading to ROS 7.1 (such as this one).