Any idea where the bottleneck was there? CPU use? Protocol latency? I'd be interested to see some test results around that if you know of any that have been published.
A little anecdotal information: some years ago I did a CPU-load test with OpenVPN on a diminutive Atom-based netbook as the client, and it maxed out at around 95mbit/s on a 100mbit/s network (actually a gbit network, but the netbook only had a 100mbit NIC itself) while just doing simple bulk transfers.
>It is easily possible to saturate a 100 Mbps network using an OpenVPN tunnel. The throughput of the tunnel will be very close to the throughput of regular network interface. On gigabit networks and faster this is not so easy to achieve. This page explains how to increase the throughput of a VPN tunnel to near-linespeed for a 1 Gbps network.
I think the protocol just wasn't designed for such high speeds.
It certainly doesn't use multiple cores for a single connection, though I've never tested (or reviewed the code) to see if it does manage to spread the computational load of multiple connections over more CPU resource.
I've not read the above linked article in detail (no time ATM) but there seems to be mention of offloading AES calculations to compatible hardware, so the bottleneck would appear to be CPU use.
Does using multiple cores on a single NIC actually speed up a network connection? If you're doing gigabit with 1500 byte packets, you get 12 ms to encrypt and process each packet -- I'd expect any cross-CPU synchronization to easily blow through that.
Earlier you claim you will only ever hit ~300Mbit, but then you link to an article where the author hit 885Mbit throughput after tweaking a few settings and ensuring OpenSSL was using AES-NI.
PFSense on a cheapish high clockspeed server will easily get there. Total cost about a grand, a bit more if you want to use a low power no fan solution.
I would like to know a bit more about this as well.
I often play online multiplayer games, my main issue with using a vpn full time would be the performance impact here.
I'm also curious if PIA has a way where if I launch certain apps, it would pause itself while that application is running? Or some way to automate on/off state of the VPN.
I doubt it would affect your speed much. How often are you able to utilise 1Gbps anyway?
Sure in theory you'd see a slow down, but given that most of the sites and service you use aren't able to deliver 1Gbps to you directly, the decrease in speed is most likely lower than you'd think.
With OpenVPN you will bottleneck at ~300Mbit\s. With IPSec and Wireguard I have had no issues getting ~900Mbit\s to my own server.