Raspberry Pi VPN Gateway Problem

S

Stugots

Supreme [H]ardness
Joined
Feb 25, 2004
Messages
7,255
I build a VPN gateway out of an old Raspberry Pi B 1+ (single core, 512Mb RAM) for my parents to use to stream International TV through an Apple TV 4.

The VPN gateway works and everything, but video will not stream over the VPN cleanly. Lots of pauses and just general interruptions in the steam. If I connect to the same VPN node through my iPhone and try streaming video it works perfectly. So my thought was maybe the old Raspberry Pi was causing a big bottleneck. I took a look at the system usage on the Pi while it was streaming video and I'm not seeing any obvious bottleneck. CPU is only around 20-25%, plenty of RAM free( 100-150mb), the NIC isn't being utilized much. Am I missing something that would show that the Pi is the bottleneck? I was told to look at IO wait time because of the Pi's notoriously shitty USB controller and everything hanging off of it.

If the Pi is the problem, would upgrading to a Pi 3+ give me enough power or should I look for something even more powerful.
 
Raspberry PI USB and Ethernet adapters are notoriously pretty lackluster.

Question: Do you only want their Apple TV to go through this VPN? Are you doing this by setting the static default gateway to the RPi rather than their normal home router?
 
Cmustang87 said:
Raspberry PI USB and Ethernet adapters are notoriously pretty lackluster.

Question: Do you only want their Apple TV to go through this VPN? Are you doing this by setting the static default gateway to the RPi rather than their normal home router?
Click to expand...

Yes, only the Apple TV needs to use the VPN. And yes, I have the gateway on the Apple TV pointed to the Pi.
 
I would scrap the idea of using a RPi for this and get something that will be easy for you to access/manage and handle the throughput. Get a Ubiquiti USG, they are about $130, however - so definitely higher than an RPi setup... but a far superior option.

https://www.ui.com/unifi-routing/usg/
 
Cmustang87 said:
I would scrap the idea of using a RPi for this and get something that will be easy for you to access/manage and handle the throughput. Get a Ubiquiti USG, they are about $130, however - so definitely higher than an RPi setup... but a far superior option.

https://www.ui.com/unifi-routing/usg/
Click to expand...

I cannot change the gateway/firewall out, ISP provided. It does not support any kind of bridged mode, and I'm not about to run double NAT.

I spent a bunch more time looking at it the other night and I still can't see any obvious bottleneck. The one new thing I did find was that I am only getting about 5MB/s of bandwidth over the VPN node that I'm connected through. Still doesn't explain why I can stream fine with the same VPN from my phone, but I'm wondering if that connection just doesn't have enough bandwidth for video. I started looking for an alternate VPN connection to use, but haven't finished yet.
 
I don't see why it would need to be double NAT. Apple TV would use default gateway as the USG, and the USG has the IPSEC tunnel built. The actual NAT would be on your ISP gateway still and just using the normal internet as your transit for the IPSEC traffic to your VPN provider. The USG would just be on a stick if that's supported.
 
Are you testing the same video stream on your phone? I would look for one of those cheap 100$ atom boxes on Amazon if you need more power.
 
Same video stream, same VPN service, same VPN server overseas.

The reason why I'm thinking that the Pi isn't my problem is because I get the same throughput from the VPN on my iPhone and on the Pi.

I'm going to be going to my parents tonight. I'll have some time to mess around and try to find a faster server.
 
I found a different VPN server that has better bandwidth and now everything seems to be working fine.

I've spent enough time screwing around with this to be able to say that a 32bit/512MB Raspberry Pi 1 is perfectly capable of handling my OpenVPN workload for this specific situation.
 
You must log in or register to reply here.
Back
Top