How much flash memory needed for Open VPN service?

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
Author Message
New Daddy
DD-WRT Novice


Joined: 22 Jun 2015
Posts: 38

PostPosted: Wed Feb 07, 2018 7:55    Post subject: How much flash memory needed for Open VPN service? Reply with quote
I'm in the market for a new router.

How much flash memory should I look for if I want to have Open VPN tab under the Services menu?

(I have a previous experience of buying a cheapo TP-Link that had only 4MB of flash memory and couldn't run Open VPN.)
Sponsor
Xeon2k8
DD-WRT Guru


Joined: 11 Feb 2016
Posts: 1288

PostPosted: Wed Feb 07, 2018 8:50    Post subject: Reply with quote
Well I would worry more about the SoC power than the memory. Let's say you buy a used one with the bare minimum of flash to have OpenVPN, I'm pretty sure the SoC will crawl on the floor when you use it. To have a reference the R6400 around 90 EUR, would do ~40mbps.
_________________
R6400v2 (boardID:30) - Kong 36480 running since 03/09/18 - (AP - DNSMasq - AdBlocking - QoS)
R7800 - BS 31924 running since 05/26/17 - (AP - OpenVPN Client - DNSMasq - AdBlocking - QoS)
R7000 - BS 30771 running since 12/16/16 - (AP - NAS - FTP - SMB - OpenVPN Server - Transmission - DDNS - DNSMasq - AdBlocking - QoS)
R6250 - BS 29193 running since 03/20/16 - (AP - NAS - FTP - SMB - DNSMasq - AdBlocking)
New Daddy
DD-WRT Novice


Joined: 22 Jun 2015
Posts: 38

PostPosted: Wed Feb 07, 2018 11:24    Post subject: Reply with quote
Xeon2k8 wrote:
Well I would worry more about the SoC power than the memory. Let's say you buy a used one with the bare minimum of flash to have OpenVPN, I'm pretty sure the SoC will crawl on the floor when you use it. To have a reference the R6400 around 90 EUR, would do ~40mbps.


I have no idea what SoC power is.

I'm also in the market for a new router. Wouldn't new routers with sufficient RAM also have SoC power, whatever that is?

I'm not saying that any specs should go up hand in hand, but they usually tend to do.
Xeon2k8
DD-WRT Guru


Joined: 11 Feb 2016
Posts: 1288

PostPosted: Wed Feb 07, 2018 11:47    Post subject: Reply with quote
New Daddy wrote:
Xeon2k8 wrote:
Well I would worry more about the SoC power than the memory. Let's say you buy a used one with the bare minimum of flash to have OpenVPN, I'm pretty sure the SoC will crawl on the floor when you use it. To have a reference the R6400 around 90 EUR, would do ~40mbps.


I have no idea what SoC power is.

I'm also in the market for a new router. Wouldn't new routers with sufficient RAM also have SoC power, whatever that is?

I'm not saying that any specs should go up hand in hand, but they usually tend to do.

Man you need to learn how to google a little bit.

Thanks @eibgrad.

And answering to your question. No. Almost every modern router can run OpenVPN nowadays storage&RAM-wise, but very few can go over 30 or 40mpbs on VPN.

_________________
R6400v2 (boardID:30) - Kong 36480 running since 03/09/18 - (AP - DNSMasq - AdBlocking - QoS)
R7800 - BS 31924 running since 05/26/17 - (AP - OpenVPN Client - DNSMasq - AdBlocking - QoS)
R7000 - BS 30771 running since 12/16/16 - (AP - NAS - FTP - SMB - OpenVPN Server - Transmission - DDNS - DNSMasq - AdBlocking - QoS)
R6250 - BS 29193 running since 03/20/16 - (AP - NAS - FTP - SMB - DNSMasq - AdBlocking)
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Wed Feb 07, 2018 22:52    Post subject: Reply with quote
in order to run decent VPN service, just to presume you d need router with min 8 MB flash size or more and at least dual core CPU....
best advise Netgear R6400 or R7000 or R7800 the routers are in graduate order
price/performance vallue

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
New Daddy
DD-WRT Novice


Joined: 22 Jun 2015
Posts: 38

PostPosted: Thu Feb 08, 2018 5:33    Post subject: Reply with quote
eibgrad wrote:
I believe all Xeon2k8 is saying is that you need a router w/ a LOT of CPU processing power, at least if you want peak performance. Something like the Netgear 7800 or Linksys WRT1900ACSv2 (there are other router options, those just immediately come to mind).


I see. I had no idea that VPN service requires lots of CPU processing power.

I wrongly assumed that whatever heavy work is being done by the VPN service provider and that my router is just being fed the encrypted signal.

So if I'm getting only like 20Mbps with VPN, I guess my TL-WDR4300 is at least partially to blame.

Another reason to get a new router!
New Daddy
DD-WRT Novice


Joined: 22 Jun 2015
Posts: 38

PostPosted: Thu Feb 08, 2018 12:16    Post subject: Reply with quote
eibgrad wrote:
There are two ways to look at it. You can either beef up your router, or else place the responsibility for the OpenVPN client on a PC running Windows or Linux, then route specific devices through it.

IOW, the PC becomes an alternate gateway. Most modern PCs have plenty of horsepower (and memory) to run the VPN without breaking a sweat. So why place all the burden on your router? Esp. if you're already running a 24/7 server or 24/7 desktop.

Sometimes you don't even know you already have an OpenVPN client elsewhere on the LAN. Many NAS devices support OpenVPN! And while you might not get the performance of a PC, it's probably better than your average router.


I have a NAS - a synology diskstation. I found instruction on their website too: https://www.synology.com/en-global/knowledgebase/DSM/help/DSM/AdminCenter/connection_network_vpnclient.

But where do I go from here?

With their instruction, I can get my NAS connected to a third-party OpenVPN service. How do I have my device - my Roku for example - go through my NAS?
New Daddy
DD-WRT Novice


Joined: 22 Jun 2015
Posts: 38

PostPosted: Thu Feb 08, 2018 16:24    Post subject: Reply with quote
eibgrad wrote:
That's good news!

Under the VPN profile (I believe that's where it is), make sure you enable both "Use default gateway on remote network" and "Allow other network devices to connect through this Synology server's Internet connection".

There are many ways to configure clients to use the Synology as their gateway. And what makes the most sense depends on several factors. If you only have one device, for example, the easiest solution is to manually configure the Roku w/ a static IP, netmask, and use the Synology's LAN ip as the default gateway (whereas normally you would have specified the primary router's LAN ip). And of course specify your preferred DNS server(s), e.g., 8.8.8.8 and 8.8.4.4 for Google DNS.

I would just do that one test and see if it works. And to determine if the performance is to your liking (which may require trying this on a PC instead so you can use speedtest).

If you need to support multiple devices, you can do the same thing. But if you want to have ALL your devices use the VPN, then configuring individual clients becomes a hassle. In some cases, you may not even have that option. You'd better off chaining the default gateway returned by DHCP on the router to be that of the Synology. But that's not important at the moment. Just get one device working to make sure it works at all.


Ok, I'm definitely getting in over my head, not being network-savvy.

Is there some benefit to be had by building my VPN route through my NAS as opposed to a good router, other than maybe saving money?
New Daddy
DD-WRT Novice


Joined: 22 Jun 2015
Posts: 38

PostPosted: Mon Feb 12, 2018 0:20    Post subject: Reply with quote
eibgrad wrote:

I would just do that one test and see if it works. And to determine if the performance is to your liking (which may require trying this on a PC instead so you can use speedtest).


I've followed your advice and have set up my Synology NAS as the default gateway.

Oh boy... The speed gain is like night and day. I was only getting 4-6 Mbps through my router, but through the NAS, I'm easily topping 10Mbps. TV streaming shows no stutter! I've never experienced this before.

eibgrad wrote:
If you need to support multiple devices, you can do the same thing. But if you want to have ALL your devices use the VPN, then configuring individual clients becomes a hassle. In some cases, you may not even have that option. You'd better off chaining the default gateway returned by DHCP on the router to be that of the Synology. But that's not important at the moment. Just get one device working to make sure it works at all.


Now, how do I change the default gateway returned by DHCP on the router to be that of the Synology?
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum