Is Pi3 fast enough to use it as VPN device?

Tue Oct 25, 2016 5:15 pm

Hey guys,

I'm about to put one of my Pi 3's to a good use for a VPN project. The internet in my country is censored like crazy. Many great websites such as pastebin and imgur are blocked. Not even gonna mention rampant state surveilance...

But whatever, I'd like to consult you guys about network speed.

Firstly, my download speed is 25Mbps (3125kb/s) and upload speed is 6Mbps (750kb/s). Here's the way I plan to make the whole thing: Incomming connection will be via ethernet interface, then Pi will login to my VPN service provider and broadcast the VPN enabled internet connection as a wi-fi SSID. I will be using this 5ghz ac adapter for it: I don't intend to use Pi's internal wi-fi module because I think it is a bit slow. Since both ethernet and USB ports share the same bandwidth, do you think Pi3 will get bottlenecked?

Another thing I'd like to ask is, whether this is gonna introduce some major lag or not (aside from my VPN service provider's performance). Because I play lots of multiplayer games on my PC and ping is very important for me. Mostly my ping is around 50 and I'd like to keep it there.

Re: Is Pi3 fast enough to use it as VPN device?

Wed Oct 26, 2016 8:56 am

If you search I think you'll find a few performance figures regarding VPN use, at least with openvpn.
This is what I use and transfer bandwidth through a tunnel over a wired LAN between a Pi and a larger server is about 30Mpbs. Not wire-speed, but DSL-speed.

Regarding ping, it doesn't really suffer from going through the tunnel. I've just tested pinging a (wired) host on my site and saw:
1 - from a desktop directly on the LAN (=without VPN), wired: round-trip min/avg/max/stddev = 0.394/0.437/0.483/0.036 ms
2 - on a Pi, through the tunnel, wired: rtt min/avg/max/mdev = 1.011/1.132/1.292/0.121 ms
3 - same desktop using Pi as AP (v.good wifi link), then going through the tunnel: round-trip min/avg/max/stddev = 8.054/9.227/10.020/0.847 ms
And this is what I get with the same Pi, through the tunnel, but this time pinging a wired host on a remote site (= through 2 consumer-grade gateways, 1 fast, 1 slow): rtt min/avg/max/mdev = 20.359/20.926/21.232/0.418 ms

If ping matters, I would ditch wifi, that's the only part of the path under your control.
As a VPN endpoint, I consider Pi 3 as "transparent" over consumer-grade internet connections. And it is reliable (with openvpn in my case.)
You could also look at routers that can offer true (gigabyte) wire speed over VPN. You can probably get a good one (with intel NICs) for 2 or 3 times the budget ; more expensive but not too crazy either.
