this post was submitted on 23 Aug 2023
14 points (93.8% liked)

Selfhosted

37825 readers
523 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud
Loki
CannaVet
devve
HybridSarcasm
[email protected]
14
Need some help (self.selfhosted)
submitted 10 months ago by urbanmoth to c/selfhosted
5 comments fedilink hide all child comments
 

Hello,

I am hoping someone can point me i the right direction here. I have a weird home networking issue which I just do not understand at all. My set-up is a Ubiquiti USG-Pro 4, connected to a managed 8 port ubiquiti switch and then a generic 24 port unmanaged switch with various kit plugged into it including a qnap NAS running container services such a PiHole, Deluge, Plex, Nextcloud etc.

I have 3 access points (PoE) connected to the 8 port switch to run my wireless network and I also run some wired and wireless cameras with Unifi Protect

Everything runs fine EXECPT.....

Whenever any device (laptop \ mobile \ container running within the NAS \ whatever) connects to my VPN provider (ProtonVPN) and starts to download any sizeable data via that VPN link, my network latency on the USG goes from an average of 16 ms up to a network breaking 500+ ms.

I have tried....

  • Turning off all IPS \ IDS \ traffic monitoring on the USG
  • Completely replacing my generic unmanaged switch for another brand
  • Downloading torrent files from P2P networks
  • Downloading large files directly from the internet
  • Removing PiHole as my DNS server (switching directly to 1.1.1.1)
  • Using OpenVPN and Wireguard protocols

I have experimented downloading from the QNAP NAS, from a wireless connected laptop, from a mobile phone, from a wired computer with and without the VPN connected.

Without the VPN - all is good, speed is good (I have a 500GB down ISP connection) and latency is good (well below 18 ms at all times)

With the VPN - all starts fine but within 30 seconds or so latency is up at above 500ms and the rest of the network slows to a crawl.

I am staring to think that this may be an issue with the processing capabilities of the USG? or am I missing something really obvious here. Any advice appreciated.

top 5 comments
sorted by: hot top controversial new old
[–] bigredgiraffe 2 points 10 months ago (1 children)

You may be right about the processing power, that device was underpowered when it was new. Do you have the VPN terminating on the USG or on the end device?

Also, do you have smart queuing disabled on the WAN interface? That causes all kinds of issues on higher bandwidth connections.

[–] urbanmoth 1 points 10 months ago* (last edited 10 months ago) (1 children)

I have tried smart queues on and off - no difference. The VPN is terminated on the client at my end - this is why I am finding this so confusing. Someone else has suggested it may be my ISP throtttling VPN traffic which actually would make more sense than the USG processing power to my mind. :(

{edit} mind you - that would not impact local network traffic so that cannot be it !

[–] bigredgiraffe 1 points 10 months ago (1 children)

That’s interesting, this definitely is an odd problem for sure haha. Another wild idea, do you have jumbo frames enabled anywhere on your network?

As for the ISP, it might be, have you tried multiple VPN providers to see if the problem follows between them?

[–] urbanmoth 1 points 10 months ago (1 children)

Jumbo frames not (and never has been) enabled. Yes, I think my next investigations is going to be the VPN itself. If I ever track this down I'll post back just for closure :) Driving me nuts!

[–] bigredgiraffe 1 points 10 months ago

Please do! I am real curious now, this is definitely something weird haha!