Hi,
I have a traditional single-network (192.168.1.0/24) home network powered by a hAP ac2. wlan1, wlan2 and the ether interfaces are part of a bridge.
Now I got a set-top box for certain VOD and live TV from a local provider, connected to ether2 of the router. It's working fine, however it's often laggy at night, which I assume is due to my ISP's oversaturated link to the other provider.
I want to set up Cloudflare WARP, which provides a working WireGuard setup, to get better peering. On the router I have a working wgcf interface; I can ping and fetch through it now.
Then comes the questionable part. I want to route all traffic from the ether2 interface to wgcf but leave the rest of the traffic using my ISP's default gateway. On the other hand, I also want to be able to access the box on my local network so the remote control app works.
Therefore I created a NAT masquerade rule for the wgcf interface, then created a routing-mark rule that marks everything coming from ether2 that is not destined for the 192.168.1.0/24 network. Finally I created a simple default route for this routing mark via wgcf.
The setup works fine, however establishing connections takes a hella long time on the box, while the router's CPU isn't used much. Once the connection is established, after a few seconds, it's able to get 100 Mbit/s downloads, which is fine.
What's the bottleneck? I know the hAP ac2 isn't super powerful hardware, but I thought it should handle this scenario at least quite decently.
If I set up IP-based routing to wgcf, the connections are established instantly and everything is fine. However, the provider uses many IPs and I don't want to maintain an IP list.
I also cannot set up WireGuard directly on the set-top box, as it's really closed down.
Any ideas? Much appreciated.
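The setup described in the post, written out as RouterOS v7 CLI. This is an added example, not the poster's own export: the interface name wgcf and the LAN prefix come from the post, while the table name via-wgcf, the connection mark stb-warp, and the bridge name bridge1 are assumed. Two things the post does not mention are added because a practitioner would want them here: a TCP MSS clamp on the tunnel (WireGuard's default MTU is 1420, lower than the 1500 of the LAN), and an accept rule that keeps the marked connections out of a fasttrack rule, since fasttracked packets bypass mangle and would lose their routing mark. The connection is marked first so that the fasttrack exclusion matches both directions.

```routeros
# Added example: policy routing of one bridge port through a WireGuard tunnel
# on RouterOS v7. Names via-wgcf, stb-warp and bridge1 are assumptions.

# 1. The routing table a routing-mark can point at. v7 needs the table to be
#    created with the fib flag before /ip route or mangle can reference it.
/routing table
add name=via-wgcf fib

# 2. Source NAT for everything that leaves through the tunnel.
/ip firewall nat
add chain=srcnat out-interface=wgcf action=masquerade comment="NAT for WARP"

# 3. Mark new connections that enter on ether2 and are not for the LAN, then
#    give those connections the routing mark. ether2 is a bridge port in the
#    post, so in-bridge-port is the matcher; on a standalone routed port
#    in-interface=ether2 would be used instead.
/ip firewall mangle
add chain=prerouting in-bridge-port=ether2 dst-address=!192.168.1.0/24 \
    connection-state=new action=mark-connection new-connection-mark=stb-warp \
    passthrough=yes comment="STB traffic leaving the LAN"
add chain=prerouting in-bridge-port=ether2 connection-mark=stb-warp \
    action=mark-routing new-routing-mark=via-wgcf passthrough=no \
    comment="route STB traffic via WARP"
# Addition: clamp TCP MSS on SYNs going into the tunnel so large segments do
# not have to be fragmented or dropped for the 1420-byte tunnel MTU.
add chain=forward out-interface=wgcf protocol=tcp tcp-flags=syn \
    action=change-mss new-mss=clamp-to-pmtu passthrough=yes \
    comment="MSS clamp for WARP"

# 4. Default route that only the marked table uses; the main table keeps
#    the ISP gateway for everyone else.
/ip route
add dst-address=0.0.0.0/0 gateway=wgcf routing-table=via-wgcf \
    comment="default via WARP for marked traffic"

# 5. Addition: if the filter has a fasttrack-connection rule, accept these
#    connections ahead of it. Packets of fasttracked connections skip mangle,
#    so a fasttracked STB connection would fall back to the main table.
/ip firewall filter
add chain=forward connection-mark=stb-warp action=accept place-before=0 \
    comment="keep STB/WARP connections out of fasttrack"

# Checks: the marked connections should show up here, and the mangle
# counters should increase when the box opens a session.
/ip firewall connection print where connection-mark=stb-warp
/ip firewall mangle print stats
```

The `dst-address=!192.168.1.0/24` match is what keeps the remote control app working: traffic from the box to the LAN is never marked and is bridged or routed normally. If the box reaches the Internet through the router's own DNS forwarder (192.168.1.1), those lookups are LAN traffic and stay on the ISP path; only the box's direct sessions go through the tunnel.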