I've just got OpenVPN running on my BT HomeHub 5A. Looks like there are two procossors on the box as TOP is reporting overall 44% CPU while OpenVPN is showing about 90% CPU.
Speedtest.net shows only 7.4Mbps as compared to about 53Mbps when the VPN is turned off.
Is this to be expected? I'm not doing MASSIVE data transfer. I'm using AES-128-CBC
Basically there are in-kernel VPNs like L2TP, IPIP and tun/tap device VPNs.
OpenVPN uses the tun device and this causes context switches and the encryption is not offloaded to hardware on most machines because the vendors don't release GPL drivers for their crypto engines if they exist at all.
You could try wireguard.io - that uses fast modern crypto that is also quite fast on MIPS and is a in-kernel VPN.
On their mailing list they reported up to 60mbit/s on a 841N TP-Link router - so this might work for you.
The datasheet from Lantiq for the chipset used in the HH5A says there's a "Data Encryption Unit for IPSec". The question then becomes does LEDE for the HH5A support that embedded crypto engine, or if it's OpenVPN that needs to do so whether that supports it.