Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Subscribe to our newsletter

Advertise on LowEndTalk.com

Latest LowEndBox Offers

    What's the fastest VPN protocol?
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    What's the fastest VPN protocol?

    Just wondering, what's the fastest VPN protocol?

    Most links I see on the web are from commercial VPN providers, they might have their own agenda. I am also not concerned about server location, and also not with privacy.

    Currently I use PPTP, L2TP OpenVPN and also some testing with Shadowsocks.

    «1

    Comments

    • WireGuard should be the fastest. But it's still experimental for now.

      Thanked by 1Anna_Parker
    • @rm_ said:
      WireGuard should be the fastest. But it's still experimental for now.

      Well, I need something that can work with an Android Client

    • onemanshowonemanshow Member
      edited February 2017

      pptp

      Low Cost High Profit !

    • GRE tunnel /s
      I feel like this is a loaded question, like what is the best car?
      VPN will depend on what ports are blocked, where your located, where the VPN server is located, what route it takes to the VPN server. And that's just to start.

    • JonchunJonchun Member, Provider

      @bohdans said:
      GRE tunnel /s
      I feel like this is a loaded question, like what is the best car?
      VPN will depend on what ports are blocked, where your located, where the VPN server is located, what route it takes to the VPN server. And that's just to start.

      What? The question is pretty simple... He asks specifically about protocol and is not concerned with encryption/privacy.

      Any reasonable person would assume the following:

      • All ports are open.
      • the VPN is all running on the same server and location. This is purely about which protocol gives the best speeds.
    • @Jonchun
      Generally yes. I like to setup something for a China trip. So I just wonder what to setup (I have already PPTP, L2TP and OpenVPN via a NAS, and it works, but it's out of the box and I can't edit anything).
      I just like to try some different protocols and see how that goes, whether it's better or not.

    • Is encryption important? Different protocols have different encryption, some better than others and some have the option of setting the encryption which may impact performance.

    • BAKABAKA Member
      edited February 2017

      PPTP shoud be the fastest, because its encryption is simple & weak. Modern VPN protocols implement more complicated encryption methods, therefore slower.

      But if you're coming to China,PPTP will be the fastest ... to be blocked well before your trip ends, lol. OpenVPN also gets blocked quickly.

      Try Shadowsocks (socks proxy, not VPN), or Anyconnect / ikev2.

      Actually, protocol speed is the last thing to concern. First you have to find a VPS with fast connection to China.

    • If we are talking UDP then openvpn hands down.
      But for TCP, softether beats any other protocol, as long your server is properly configured.

    • SplitIceSplitIce Member, Provider

      If you want specifically a VPN then something UDP based i.e UDP OpenVPN or Tinc.
      If you are willing to accept a tunnelling (encapsulation only) protocol then IP-in-IP, GRE, Wireguard (that order)

      X4B - DDoS Protection: Affordable DDoS protection including Layer 7 mitigation with PoPs in the US, EU and Asia.
      Latest Offer: $14 in Asia DDoS mitigation
    • Reminds me of "which is the fastest door lock?".

      Thanked by 1vimalware

      My favourite prime number is 42. - \forall cpu in {intel, amd, arm}: cpu->speed -= cpu->speed/100 x irandom(15, 30) | state := hacked

    • bash99bash99 Member
      edited February 2017

      Anyconnect / ikev2 will be more safer bet in china, or some complex shadowsocks setup with obfs.

      In my limit knowledge, I think GFW have just gain the ability to detect is a shadowsocks server running on some ip:port, but not massively use this ability to block ips.

    • from what I see, shadowsocksR is the fastest and safest at this moment.
      you can get it set on PC/IOS/Android, and cool thing with it, is you could even proxy the specific software

    • @bsdguy said:
      Reminds me of "which is the fastest door lock?".

      Not one of those stupid WiFi ones.

      I won't be back until @bsdguy is released.

    • @WSS said:

      @bsdguy said:
      Reminds me of "which is the fastest door lock?".

      Not one of those stupid WiFi ones.

      Of course not. Only the best -> lock with an app over G4!

      My favourite prime number is 42. - \forall cpu in {intel, amd, arm}: cpu->speed -= cpu->speed/100 x irandom(15, 30) | state := hacked

    • G4? Well look at mister fancy-pants!

      I won't be back until @bsdguy is released.

    • dergelbedergelbe Member
      edited February 2017

      I did some life tests with Unicom Mobile:

      27ms 113M 39M - No VPN

      27ms 67M 31M - Shadowsocks (via EU server)

      47ms 26M 8M - PPTP HK

      58ms 23M 2M - OpenVPN HK

      L2TP wouldn't connect

      I am a bit puzzled by the Shadowsocks speed. Does not sound real. I tried to load a 240p Youtube video and it loaded only very slow.

    • KuJoeKuJoe Member, Provider

      In my experience PPTP is the fastest. A few years back I was in a hotel and experimenting with PPTP, OpenVPN, and L2TP with Netflix and PPTP was the only protocol that would give me HD streaming with Netflix, the others couldn't.

      -Joe @ SecureDragon - LEB's Powered by Wyvern in FL, CO, CA, IL, NJ, GA, OR, TX, and AZ
      Need backup space? Check out BackupDragon
    • edited February 2017

      @dergelbe said:
      Just wondering, what's the fastest VPN protocol?

      Currently I use PPTP, L2TP OpenVPN and also some testing with Shadowsocks.

      IPSec is the fastest secure connection. It's lower in the network stack, and as such it doesn't have the overhead SSL based VPNs do.

      L2TP/IPSec is the most common IPSec combination. This is an industrial solution, and as such it's most commonly used in site-to-site VPNs or with demanding users who are pretty static.

      IKEv2/IPSec is very similar to L2TP/IPSec except it's better at dealing with users switching networks, and it's a little bit speedier then L2TP.

      OpenVPN is a nice product, and it provides decent speed. It's probably the easiest to get through a hostile firewall since it's just an SSL connection. IPSec is great, but it's pretty easy to block it.

      PPTP is insecure, and it shouldn't be used.

      I haven't tried Shadowsocks, so I can't comment.

      Thanked by 1ehab
    • doghouchdoghouch Moderator
      edited February 2017

      It honestly depends how you configure either protocol. (my OpenVPN server can push over 200 mbit/s on TCP, with SSL.)

      If you're in China, scrap that. Shadowsocks is one of the best options for bypassing the Great F*cking Wall of China.

    • Cheap me now did setup shadowsocks on a raspberry pi and hocked it up with a router on a fiber-line. Works perfectly. Worked in China also most of the time (but not all the time), would say 95% fine. I did a simple vanilla setup.

      Here is one issue maybe somebody can explain: how I can measure speed? I did a speedtest on data and speed was 77M - I think that is a little bit fast and I presume the speedtest does not run via shadowsocks. Can I force speedtest to run visa SS?

    • miaumiau Member

      @dergelbe said:
      I did some life tests with Unicom Mobile:

      27ms 113M 39M - No VPN

      27ms 67M 31M - Shadowsocks (via EU server)

      47ms 26M 8M - PPTP HK

      58ms 23M 2M - OpenVPN HK

      L2TP wouldn't connect

      I am a bit puzzled by the Shadowsocks speed. Does not sound real. I tried to load a 240p Youtube video and it loaded only very slow.

      Im interested with your methodology.
      ..like how you even ping with shadowsocks.

    • dfroedfroe Member, Provider

      @dergelbe said:
      [... ] VPN protocol?

      @dergelbe said:
      [...] not concerned about [...] privacy.

      Why should I use a VPN if I do not care about privacy?

      Otherwise you should probably ask for tunnel protocols like GRE, L2TP or other simple IP-in-IP encapsulation protocols without any encryption.

      IT-Service David Froehlich | Individual network and hosting solutions | RIPE LIR services (IPv4, IPv6, ASN)

    • Why should I use a VPN if I do not care about privacy?

      Simply to access a site. I don't talk illegal stuff, I want to access things like Facebook, Dropbox, Google that are blocked (blocked, not illegal) in China. I don't need any higher level of privacy that I have with normal surfing.

    • Interesting benchmarks.

      What about ARM platforms without AES instructions?

    • dfroedfroe Member, Provider

      @dergelbe said:
      Simply to access a site.

      In that case you can also try to get a VPS with good connectivity (near to your location, low latency, good throughput, less and not congested peerings involved), run a proxy on it and connect to it through a SSH tunnel. It eliminates the additional L3 overhead of lower level tunnel protocols. For this purpose various NAT VPS boxes are doing a great job for small budget (probably cheaper than most VPN providers).

      Polipo works well as a lightweight proxy. Take care to only bind it to localhost. Then you can build a simple SSH tunnel and use the tunneled port as your local proxy. To route only certain requests/domains through your proxy you can use a proxy.pac file in your browser which is really convinient. This way you can surf the web regularly and access sites like Facebook through your proxy automatically.

      IT-Service David Froehlich | Individual network and hosting solutions | RIPE LIR services (IPv4, IPv6, ASN)

    • BAKABAKA Member

      dfroe said: run a proxy on it and connect to it through a SSH tunnel

      1. Good connectivity to China is expensive. Low- to mid-end VPS usually suffers packet loss (3%~60%) in the evening, which is not suitable for SSH tunneling at all.
      2. SSH connection is easily identifiable by GFW and gets blocked quickly if you use it to tunnel much data.
    • Sorry for being out of topic.

      Is it possible or it's just me that have no clue for what should I type. Seeing the search result feels like me against the world.

    • YKMYKM Member

      +1 Softether

      Thanked by 1Voss
    • ardaarda Member

      Another +1 for Softether. Easier to install, supports more protocols, (at least for me) easier to manage.

      Thanked by 1Voss
    • emgemg Member
      edited March 2017

      In the past, I used netperf to measure network throughput performance through various encrypted network protocols, including those used by VPNs. I ran netperf on the local LAN most of the time, but you can also run it over the internet.

      http://www.netperf.org/netperf/

      One possible issue is that if the network (internet) bandwidth between the client and the server is very low, you may not see any significant throughput difference between two different protocols. That can happen if the two protocols under test are able to keep up with maximum network throughput. (Yeah, there may be minor differences due to latency, context switches, etc., but you get the idea.) Allow me to point out that if the network/internet throughput is that slow, then it really doesn't matter which protocol you use, as long as it is secure.

      If you have a sufficiently high bandwidth network, then throughput may be limited by the resources on the client and server computers. If you are using VPSs, where resources are shared, then the available resources will vary from moment to moment, depending on what the other VPSs on the same host node are doing (and maybe the provider's overall network utilization, too). That makes replicating results difficult.

      Another consideration is how many resources each protocol requires. Even if two protocols can achieve the same throughput for a given client/server configuration, one protocol may require more CPU, memory, context switches, etc. that can degrade the overall performance of the systems. In other words, testing with netperf on an idle system may not yield a complete picture of overall system performance under load.

      Benchmarking can be tricky, n'est ce pas?

    • @BAKA said:

      dfroe said: run a proxy on it and connect to it through a SSH tunnel

      1. Good connectivity to China is expensive. Low- to mid-end VPS usually suffers packet loss (3%~60%) in the evening, which is not suitable for SSH tunneling at all.
      2. SSH connection is easily identifiable by GFW and gets blocked quickly if you use it to tunnel much data.

      what a smelly noob.

    • @sangdogg said:

      @BAKA said:

      dfroe said: run a proxy on it and connect to it through a SSH tunnel

      1. Good connectivity to China is expensive. Low- to mid-end VPS usually suffers packet loss (3%~60%) in the evening, which is not suitable for SSH tunneling at all.
      2. SSH connection is easily identifiable by GFW and gets blocked quickly if you use it to tunnel much data.

      what a smelly noob.

      Thread necro award goes to...

    • @dergelbe said:
      @Jonchun
      Generally yes. I like to setup something for a China trip. So I just wonder what to setup (I have already PPTP, L2TP and OpenVPN via a NAS, and it works, but it's out of the box and I can't edit anything).
      I just like to try some different protocols and see how that goes, whether it's better or not.

      As you are going to China, you shouldn't use traditional protocols, because they can be detected and blocked easily in China. The best thing you should use is shadowsocks (kind of easy) or v2ray(kind of complex). If you insist to use VPN, OpenConnect is relatively more stable than the traditional.

    • @dergelbe said:
      @Jonchun
      Generally yes. I like to setup something for a China trip. So I just wonder what to setup (I have already PPTP, L2TP and OpenVPN via a NAS, and it works, but it's out of the box and I can't edit anything).
      I just like to try some different protocols and see how that goes, whether it's better or not.

      Standard VPN protocols do NOT work in China. Do not use them, you will have your server's IP blacklisted.

      Shadowsocks (even with obfs) has been detected. You should try instead to use something like v2ray (mentioned above) or just buy a paid VPN service like vpn.ac. They monitor blocking in China and change their IPs when they get blocked.

    • Only use 2 myself OpenVPN and L2TP/IPSEC custom rolled and speeds I get from my Android 8 mobile speedtest are

      • no VPN direct = download 114Mbps
      • OpenVPN = 40-66Mbps
      • L2TP/IPSEC = 40-88Mbps

      Of course my VPN servers are within 10-40ms ping from me - chosen for proximity to get the best speed.

      * Centmin Mod Project (HTTP/2 support + ngx_pagespeed + Nginx Lua + Vhost Stats)
      * Centmin Mod LEMP Stack Quick Install Guide
    • @ehhthing said:

      Standard VPN protocols do NOT work in China. Do not use them, you will have your server's IP blacklisted.

      My question was a bit rhetorical. I was really just interested in the speed and not in the China issue.

      To the latter, Outline works well, so does ShadowsocksR. Great is also that you can channel V2Ray now through Cloudflare.

    • @dergelbe said:
      @ehhthing said:

      Standard VPN protocols do NOT work in China. Do not use them, you will have your server's IP blacklisted.

      My question was a bit rhetorical. I was really just interested in the speed and not in the China issue.

      To the latter, Outline works well, so does ShadowsocksR. Great is also that you can channel V2Ray now through Cloudflare.

      Well, Wiregaurd is probably your best bet for "fastest vpn protocol"

    • h2oh2o Member

      There is no best protocol but only the suitable is.
      Protocol is just a tool.

    • IKEv2

      Thanked by 1pike

      Two things are infinite: the universe and Hetzner; and I'm not sure about the universe.

      -Albert Einstein

    • doghouchdoghouch Moderator

      @h2o said:
      There is no best protocol but only the suitable is.
      Protocol is just a tool.

      What do you mean...?

    • OpenVPN and L2TP

    • wireguard is damn fast. testing it right now.

    • v3ngv3ng Member

      indeed, Wireguard is awesome

    • I vote for wireguard, it is easy to set up and it is fast. You can use it on Windows (unofficial client), Linux, Mac OS and Android. I am waiting for iOS client.

      Thanked by 1JerryHou
    • @tonyapac said:
      I vote for wireguard, it is easy to set up and it is fast. You can use it on Windows (unofficial client), Linux, Mac OS and Android. I am waiting for iOS client.

      Why is it better than shadowsock?
      Another question is which VPN / encryption is the most energy-saving?

    • @dragon1993 said:

      @tonyapac said:
      I vote for wireguard, it is easy to set up and it is fast. You can use it on Windows (unofficial client), Linux, Mac OS and Android. I am waiting for iOS client.

      Why is it better than shadowsock?
      Another question is which VPN / encryption is the most energy-saving?

      Literally Shadowsocks is not a VPN protocol, although it is very powerful, it was designed to break through the GFW. I did not say wireguard is better than Shadowsocks. They are two different tools.
      AES has less energy consumption, http://www.eejournal.ktu.lt/index.php/elt/article/download/7118/3654

    • ehhthingehhthing Member
      edited August 2018

      @dragon1993 said:

      @tonyapac said:
      I vote for wireguard, it is easy to set up and it is fast. You can use it on Windows (unofficial client), Linux, Mac OS and Android. I am waiting for iOS client.

      Why is it better than shadowsock?
      Another question is which VPN / encryption is the most energy-saving?

      Shadowsocks isn't a VPN protocol, it is just a socks proxy.

      Well, it depends on your CPU architecture, if you have a x86 CPU without dedicated instructions for AES, ChaCha20 is much faster, however it is slower on ARM. (This is assuming energy saving means faster, which is generally does since the faster something runs, the fewer CPU cycles it requires and thus the less energy it uses.)

    Sign In or Register to comment.