Thanks for your reply. I have run htop to observe the CPU consumption during this test, and the CPU(s) go up only to 10-20%. So the CPU doesn't seem to be the bottleneck.
I didn't change the MTU settings, but I have a suspicion about MTU. I found this article here that makes some interesting suggestions to set MTU to 1280: https://keremerkan.net/posts/wireguard-mtu-fixes/ And beyond that iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu On Wed, 1 Jun 2022 at 09:51, Janne Johansson <icepic...@gmail.com> wrote: > > Den ons 1 juni 2022 kl 09:49 skrev Houman <hou...@gmail.com>: > > Hello, > > I'm compiling the latest stable Wireguard on Debian 11. > > git clone https://git.zx2c4.com/wireguard-tools > > make -C wireguard-tools/src -j$(nproc) > > sudo make -C wireguard-tools/src install > > > > However the speed is not that impressive. I have a VPS with 4 vCores > > and 8 GB RAM on 1 Gbps network. The VPS is located in London and so > > am I. > > > > With wireguard enabled I get 117 Mbps > > Without wireguard I get 506 Mbps > > > > That's a drop of 75%. What are the factors to improve the download rate? > > That seems like very poor values, I would make two tests, one local to > the VPS and one test local to the other end (which you left out of the > description) and see which one is the limiting box. People (including > me) have easily gotten speeds at 1-2 gigabit on 10GE networked > computers and VPSes and several gigabits on loopbacks, so the fault is > not simply using wireguard. > > If you check the results of the nightly builds for x86_64 at > https://www.wireguard.com/build-status/ you find several iperf3 runs > that end up over 2-3 Gbit/s when a box is talking "to itself" so it's > not the crypto or the tunnel that prevents you from filling up the > gigabit link. Perhaps the VPS isn't giving you a lot of cpu? Perhaps > the test reacts poorly to the lowered MTU for using (any) tunnel in > between? > > -- > May the most significant bit of your life be positive.