The content of this topic has been archived on 6 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
Hi!
I will need a new router supporting OpenWrt and VPN client (OpenVPN).
My current (WNDR3700) router can only handle ~8MBit on download.
I do have a internet connection with 30MBit download and 10MBit upload.
The router itself need maximum 4 ports 1GBit LAN Ports, WLAN and a USB 2.0 connection.
I want to use NordVPN or similar VPN provider in future.
Somebody have any recomendation about a router supporting this speed and OpenWrt.
I don't think a consumer router can handle that speed running openvpn. You have to either use a commercial router or make a mini computer into a router and connect your wifi router to it. I think I saw a commercial one for $300-$400 once. I used Pfsense to make the VPN Router and OpenWrt for the wifi router. Then tell the wifi router to bridge. Note that I may be wrong and there may be a high end consumer router that can handle it. If you go the route of mini computer as the VPN Router, get a CPU that has AES-ni. If your going to try to use a consumer router, make sure its CPU supports AES-ni.
(Last edited by Ryu945 on 13 Oct 2017, 22:16)
Top end ARMv7 based routers (ipq8065, mvebu) should be significantly faster than single core mips 74Kc, by how much would be another question.
I should add that if you are using a regular router. Make sure that its CPU supports AES-ni. AES-ni is essential to running VPNs.
@Portisch
You can try a cheap D-Link – DIR860L B1 powered by a dual-core Mediatek MIPS processor
https://wiki.openwrt.org/toh/d-link/dir-860l
On OpenWRT I'm getting easily 24-25Mbps in both directions without ppoe and only killing (100% usage) one core. The second core is still available & able to run the rest of the jobs your router needs. You should also note that openvpn is not (yet) multi-core able.
Could you elaborate?
Are you talking about 25MBit/s "with no encryption at all, just plain routing and maybe NAT", observing only one of two cores is bussy and claining that the remaining core should be enough to do VPN? I have no clue about VPN performance, but I really doubt that 25MBit/s is the raw network performance of that device. Needs to be in the field of 400MBit or above.
Or are you talking about 25Mbit/s "with no PPPoE but with OpenVPN"? That I can believe.
@golialive
I guess I was clear enough, a little short I must admit.
The OP asked for a recommendation for a router that can handle 30Mbit/s through OpenVPN and I suggested a cheap router that can easily handle 25Mbit/s. Indeed, it gets this throughput on OpenVPN without the PPPoE overhead and not only with simple NAT but with some complicated firewall (iptables) packet filtering rules.
What would be the purpose of a VPN without Encryption? The one I used is the less demanding AES-128-CBC.
OpenVPN is not able to use a multi-core architecture, it's due to its code - not implemented yet, and it will load only one core at its limits at 25Mbit/s. The Mediatek CPU has a sort of Hyper-Threading but that won't help code (binaries - OpenVPN) that don't know how to use it.
Here you can find more details about the HW and also some throughput tests (including VPN):
https://wiki.openwrt.org/toh/d-link/dir-860l
I used a few of these routers for some SOHO implementations, where a Raspberry Pi (2 or 3) VPN Gateway was not really necessary. However, you should note that the OpenVPN shipped with OpenWRT is pretty stripped down (crippled) and I was not able to run some Point-To-Point scenarios I had in mind:
https://forum.openwrt.org/viewtopic.php?id=70755
The discussion might have continued from here.