Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
anton02112022-03-17 16:20:21
VPN
anton0211, 2022-03-17 16:20:21

Why are sites opening slowly through mikrotik with Wireguard?

Good afternoon.
Tell me which way to think.
There is a VPS with RouteOS 7.1.3 installed there - two interfaces: ether1 (MTU 1500) and wireguard (MTU=1420). I use the network 198.0.0.1/24
There is a physical mikrotik client with RouteOS RouteOS 7.1.3 - it has a local network 192.168.0.1. I also made wireguard (MTU=1420). The connection between the client and the server is working, the pings are coming, the routing is configured. This client is connected to the Internet via pppoe (MTU = 1492).
The second client is an Android smartphone with the wireguard application - everything works perfectly.

Problem: If you try to access some sites by sending traffic along the route: PC - MicroClient - VPS - Internet, then the sites load very slowly, and some do not load at all. And through the WireGuard software, everything works quickly and without problems.
I read that the problem may be in MTU - but all attempts to configure it did not lead to anything ...
And the exact same problem was with L2TP + IPSec - sites also slowed down

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
V
Viktor, 2022-03-17
@alhray

router cpu loading?

Report
Z
Zolg, 2022-03-17
@Zolg

ICMP as on a firewall is destroyed?
And inside wg runs only IPv4, or IPv6 too?
If (and) IPv6, then firstly, for a link with mtu 1492, mtu wg should be (no more) 1412, otherwise it won’t fit
Well, such IPv6 multihoming itself is not very easy to implement if there are no extra blocks of addresses and do not use non-Orthodox for v6 NAT

Report
R
Raven1382, 2022-04-02
@Raven1382

fasttrack enabled?

Report
E
Eugene, 2022-04-14
@9112

set on the client (PC) MTU not higher than MTU WG.
faced with similar, only I did not get a connection with servers using Qrator. At the same time, the connection passed correctly on the tick. When removing the dump, it turned out that SSL does not rise when connecting to sites. As a result, I decided to lower the MTU on the client (in my case 1420).

Report
R
Ragnar Black, 2022-05-01
@Ragnar1

Do you have CHR there? Activate the license through your personal account on the MikroTik website.
By default, on CHR in free mode, all ports work at speeds up to 1Mbps

Similar questions
L
levap2014-12-04 14:11:04
How to link multiple client subnets through an OpenVPN server? 2Reply
A
Anton Piskunov2014-12-05 05:44:27
How to forward traffic to the server in the internal network? 1Reply
M
Michail2021-01-07 22:42:56
Why can't I log in to vpn on ike2? 4Reply
D
dusun2016-12-06 15:44:54
How do I set up my router to connect to a private VPN? 1Reply
K
Kwad2021-01-10 20:20:15
How to deploy OpenVPN for certain Windows 7 interfaces? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question