New on LowEndTalk? Please Register and read our Community Rules.
What's the fastest VPN protocol?
Just wondering, what's the fastest VPN protocol?
Most links I see on the web are from commercial VPN providers, they might have their own agenda. I am also not concerned about server location, and also not with privacy.
Currently I use PPTP, L2TP OpenVPN and also some testing with Shadowsocks.
Comments
WireGuard should be the fastest. But it's still experimental for now.
Well, I need something that can work with an Android Client
pptp
GRE tunnel /s
I feel like this is a loaded question, like what is the best car?
VPN will depend on what ports are blocked, where your located, where the VPN server is located, what route it takes to the VPN server. And that's just to start.
What? The question is pretty simple... He asks specifically about protocol and is not concerned with encryption/privacy.
Any reasonable person would assume the following:
@Jonchun
Generally yes. I like to setup something for a China trip. So I just wonder what to setup (I have already PPTP, L2TP and OpenVPN via a NAS, and it works, but it's out of the box and I can't edit anything).
I just like to try some different protocols and see how that goes, whether it's better or not.
Is encryption important? Different protocols have different encryption, some better than others and some have the option of setting the encryption which may impact performance.
PPTP shoud be the fastest, because its encryption is simple & weak. Modern VPN protocols implement more complicated encryption methods, therefore slower.
But if you're coming to China,PPTP will be the fastest ... to be blocked well before your trip ends, lol. OpenVPN also gets blocked quickly.
Try Shadowsocks (socks proxy, not VPN), or Anyconnect / ikev2.
Actually, protocol speed is the last thing to concern. First you have to find a VPS with fast connection to China.
If we are talking UDP then openvpn hands down.
But for TCP, softether beats any other protocol, as long your server is properly configured.
Performance comparisons:
https://www.softether.org/@api/deki/files/12/=1.3.jpg
If you want specifically a VPN then something UDP based i.e UDP OpenVPN or Tinc.
If you are willing to accept a tunnelling (encapsulation only) protocol then IP-in-IP, GRE, Wireguard (that order)
Reminds me of "which is the fastest door lock?".
Anyconnect / ikev2 will be more safer bet in china, or some complex shadowsocks setup with obfs.
In my limit knowledge, I think GFW have just gain the ability to detect is a shadowsocks server running on some ip:port, but not massively use this ability to block ips.
from what I see, shadowsocksR is the fastest and safest at this moment.
you can get it set on PC/IOS/Android, and cool thing with it, is you could even proxy the specific software
Not one of those stupid WiFi ones.
Of course not. Only the best -> lock with an app over G4!
G4? Well look at mister fancy-pants!
I did some life tests with Unicom Mobile:
27ms 113M 39M - No VPN
27ms 67M 31M - Shadowsocks (via EU server)
47ms 26M 8M - PPTP HK
58ms 23M 2M - OpenVPN HK
L2TP wouldn't connect
I am a bit puzzled by the Shadowsocks speed. Does not sound real. I tried to load a 240p Youtube video and it loaded only very slow.
In my experience PPTP is the fastest. A few years back I was in a hotel and experimenting with PPTP, OpenVPN, and L2TP with Netflix and PPTP was the only protocol that would give me HD streaming with Netflix, the others couldn't.
IPSec is the fastest secure connection. It's lower in the network stack, and as such it doesn't have the overhead SSL based VPNs do.
L2TP/IPSec is the most common IPSec combination. This is an industrial solution, and as such it's most commonly used in site-to-site VPNs or with demanding users who are pretty static.
IKEv2/IPSec is very similar to L2TP/IPSec except it's better at dealing with users switching networks, and it's a little bit speedier then L2TP.
OpenVPN is a nice product, and it provides decent speed. It's probably the easiest to get through a hostile firewall since it's just an SSL connection. IPSec is great, but it's pretty easy to block it.
PPTP is insecure, and it shouldn't be used.
I haven't tried Shadowsocks, so I can't comment.
It honestly depends how you configure either protocol. (my OpenVPN server can push over 200 mbit/s on TCP, with SSL.)
If you're in China, scrap that. Shadowsocks is one of the best options for bypassing the Great F*cking Wall of China.
Cheap me now did setup shadowsocks on a raspberry pi and hocked it up with a router on a fiber-line. Works perfectly. Worked in China also most of the time (but not all the time), would say 95% fine. I did a simple vanilla setup.
Here is one issue maybe somebody can explain: how I can measure speed? I did a speedtest on data and speed was 77M - I think that is a little bit fast and I presume the speedtest does not run via shadowsocks. Can I force speedtest to run visa SS?
Im interested with your methodology.
..like how you even ping with shadowsocks.
Why should I use a VPN if I do not care about privacy?
Otherwise you should probably ask for tunnel protocols like GRE, L2TP or other simple IP-in-IP encapsulation protocols without any encryption.
Simply to access a site. I don't talk illegal stuff, I want to access things like Facebook, Dropbox, Google that are blocked (blocked, not illegal) in China. I don't need any higher level of privacy that I have with normal surfing.
Interesting benchmarks.
What about ARM platforms without AES instructions?
In that case you can also try to get a VPS with good connectivity (near to your location, low latency, good throughput, less and not congested peerings involved), run a proxy on it and connect to it through a SSH tunnel. It eliminates the additional L3 overhead of lower level tunnel protocols. For this purpose various NAT VPS boxes are doing a great job for small budget (probably cheaper than most VPN providers).
Polipo works well as a lightweight proxy. Take care to only bind it to localhost. Then you can build a simple SSH tunnel and use the tunneled port as your local proxy. To route only certain requests/domains through your proxy you can use a proxy.pac file in your browser which is really convinient. This way you can surf the web regularly and access sites like Facebook through your proxy automatically.
Sorry for being out of topic.
Is it possible or it's just me that have no clue for what should I type. Seeing the search result feels like me against the world.
+1 Softether