So I got a VPN. How do I optimize it?

VPN off = not good.

VPN on = ~9x ping and ~1/4 d/l speed.

It’s not like TWC / Spectrum was very good to begin with, but since I setup my VPN now I can’t play games online because my ping is too high. I can feel the glitches and some games flash the disconnected triangle icon.

TBH, I have no idea how I got Azire VPN + Open VPN to work. I followed the instructions, but there were 7 config files. I just tried them all until I got a connection. I am using the ‘AzireVPN-us(1).ovpn’ config file.

I realize that my crap connection has to go from Ohio to Sweden, get scrambled by their server and back to me, so I expected some physical slowdowns. But when the VPN messes with my Rocket League, we’re going to have a problem.

I know the simple answer is to turn off the VPN when gaming.
Is there a better answer?
Are there better OpenVPN config files? Do they need to be customized for each user?
Or are VPN’s only useful if one has good speedtest performance with bandwidth to spare?

You don't want to game over a vpn.
Post your config file and let see what we got going on.
Also even though I am trying to help from the numbers I am seeing we are not gonna probably reduce the ping much nor get your speeds up much faster.

3 Likes

I thought about that but it looks like gibberish to me. Thanks for the help.


# AzireVPN.com configuration generator
# Location: united states
# Protocol: tcp
# Port: 1194
# DNS-leak protection: yes

client
dev tun
proto tcp
remote us.ovpn.azirevpn.net 1194
resolv-retry infinite
auth-user-pass
nobind
persist-key
persist-tun
remote-cert-tls server
reneg-sec 0
keepalive 10 60

block-outside-dns

mute-replay-warnings

cipher AES-256-CBC
auth SHA512


-----BEGIN CERTIFICATE-----

[blanked]

-----END CERTIFICATE-----

key-direction 1

-----BEGIN OpenVPN Static key V1-----

[blanked]

-----END OpenVPN Static key V1-----

verb 3

yea your all set maybe pick a vpn closer to home and see if you can inch out a few more mbps. Also delete the certfificate and key from this post no one needs that info.

1 Like

You can't make a VPN faster.

You'll need to find one with a close server where you are if you ant to improve your latency.

1 Like

In another thread about choosing a VPN, I learned that the first criteria for a secure VPN is making sure the company and the servers are not in the US. That way US law can't force the VPN to turn over their records. I will take security over speed every day of the week, thank you very much.

I'm just going to turn it off while gaming, but it is noticeably slower even when simply browsing.

Pfsense router with WAN rules for your games :slight_smile:

3 Likes

This is correct; for security.

You cannot have security and gaming.

Because you're forcing all connections to go through one point far away it adds latency.

That's good! I'm glad you take your security seriously :smiley:

But there is no COTS solution for ?VPN while gaming, you will have to do as @Zumps says and do some tweaking yourself.

1 Like
  1. For gaming you need to pick the vpn with the lowest latency between you and the game server.
  2. For browsing Use the VPN's dns to lower latency. and/or use an application like namebench to find your quickest dns servers.
  3. For bandwidth pay for a better connection. I'm about 140 down on a 150 connection via pia when I pick the right vpn location.

That would be nice but I just paid for a year on the most secure VPN I could find in another thread. Azire VPN is in Sweden. I will just turn it off when gaming, which isn't very much.

I don't know what dns server means or how to do that. Can you help?
@sanfordvdev checked my config above. Do I have to edit something in there?

Where I live there are 4 choices. Normal, Turbo, Extreme, Ultimate Time/Warner/Spectrum which all suck. I am paying $75 for 24Mb/s. They made a big deal when earlier this year I got upgraded from 15Mb/s to 24 Mb/s for "Free!". Ultimate is $125 for 50Mb/s. But I doubt they can deliver on that promise. It doesn't seem worth it for the crappy service I get to be just a little bit faster. Ultimate 50Mb/s is still crap, so I won't pay more for Spectrum internet until they offer real broadband speeds.

If you have your vpn configured via pfsense...

If you are configuring via the network config in windows set the DNS in the windows dns section IF your vpn software or router or service provider aren't overriding your dns.

I'm not using pfsense. I think Azire uses OpenVPN. When I set it up I followed the instructions and the site asked questions and then generated a config file that I copied into the program folder. There is a line that says '# DNS-leak protection: yes'. Doesn't # usually mean a comment?

When I checked my Windows settings, both the IP and DNS server addresses are set to obtain automatically.

What do you need a VPN for? I never got it why people pay for vpn services when you can make one yourself for 5$/month and own it yourself/snapshot it/move it to another location/have unlimited users/use it as a basic web proxy/do your own DNS on it to block ads/do encrypted tunnels via ssh for any service you want. What I recommend is to get the cheapest vps box near your location you can find, install OpenVPN on it and route all your traffic through it, do it yourself, it's not so hard. How is it secure when someone, but not you owns it and all you're doing is blindly forwarding you traffic to their server? If you're paying for ready VPN services and want to be secure, however your understand that, you're doing it wrong. Having a VPN doesn't magically give you 20ping to your counter strike server and increase your connection speeds(unless your ISP is doing something very very bad) If you don't know why you want a VPN setup then you don't need one. Your latency and speeds are bad because the location of your vpn is bad, I'm surprised you're getting only 123 ping from Ohio to Sweden. On top of that you're doing TCP, TCP on your VPN is horrible for anything that needs low latency like gaming or VoIP, you're basically telling your game to use TCP and acknowledge every single packet when your game uses UDP, that's crazy overhead. You can game with a vpn, but that means you want to have under 40 latency to your server where you're hosting your vpn server, latency under 40 is meaningless.

I freely admit that I am not a network engineer (I am an engineer though), nor do I have any desire to learn how to do it right. I usually love learning, but networking frustrates me with all the acronyms I don't understand. I need a 'pay for someone else to host my VPN for me' solution. I tried to learn how to make a pfsense server from @Wendell's videos. I started to zone out after a while and when he started talking about experimenting with 20 user setups for fun, that's not fun or useful for me. Also, I only want one PC in my house. I read another thread about choosing a VPN and I went with the OP's choice because, Azire prides themselves on maximum reliable uptime of their servers and it's a no frills VPN with a minimum of add-ons or features and it is in Sweden.

I need a VPN because Wendell told me everyone needs something to prevent spying and data mining now that Ajit Pai is eviscerating the FCC. I have been caught doing sketchy stuff by the FBI and I am on a watch list (never doing that again!) and recently had my Amazon account hacked. I am fully aware that physical limitations of wires mean a VPN in Sweden is going to slow down my connection. I don't believe in magical Counter-Strike ping fairies. I could immediately tell the VPN was slower, but it wasn't until after 2 weeks when I first tried to game over it. I don't game much. When I tested and investigated I was surprised that the slow down was so extreme.

Thus my question:
I know I don't fully understand how to setup a VPN or even a router and I was wondering if I could change my config to get a little better ping. Thank you for pointing out that TCP and UDP are wrong, but those are the sample config files that Azire provided me with. I just kept trying them all until I found one that connected. I don't know enough about networking to dive in and change the config file willy-nilly without breaking it. I had a hard enough time just getting a rudimentary connection.

A vps is no more secure than a vpn.... Other peoples computers.

I actually limit my vpn usage to torrenting and tor. It costs $3 / per month to remove the nagging. Very cheap.

I use a VPN so that my wife will stop recieving DMCA notices to her email. She pays the cable bill.

Using Tor gets you on a list so driving it through VPN seems like a reasonable idea just from a ISP/Big Brother making list perspective.

VPN provides a level of IP sharing and indirection that ISP/Big Brother is unlikely to bother with in my case as I am unlikely to ring bells or cross paths with folk who ring bells.

In practice there are only about 4 million data points on tor at any one time and far less than a million in North America. If you had a good assumption that I am Canadian, that I'm using a VPN, that my latency is pretty darn good. Then contacted my ISP and saw which VPN/VPS I was connecting to. Then identified my VPN/VPS you could easily identify my initial node on TOR, and likely my VPN/VPS IP with a little bit of careful timing observation of both systems.

At that point you could send me a DMCA notice.

Far easier would be to just come down to my house and beat me with a rubber hose.

3 Likes

I live in Ohio to, have you tried Cincinnati Bell Fiber optics, I made the switch from Time Warner before it became Spectrum and haven't switched back. I pay about what you are paying now for 50Gb down and 10Gb up and the service is so much better than Time Warner, as to your question about tweaking the config file to get better speed (bandwidth) won't cut down on the slow connection, if you want to increase your speed you need to increase your ban with and choose a VPN provider that is closer to where you live.

1 Like

Unfortunately I live in Columbus. I knew my choices were limited, but I thank you for prompting me to check again.

First of all it's sad when the highest score in a review of 'The best ISP's in Columbus' is 2 of 5, and that one is Verizon. I can get Bresco Broadband at 6Mb/s (that's not broadband)? Or ATT at 18 Mb/s. I have TWC/Spectrum at 24 Mb/s.

ATT offers 100Mb/s fiber for $5 more than what I'm paying now, but it's not in my neighborhood yet. I put my name on a 'email me when you get here' list.

Things in the US and Canada are so much different, I've never heard of anyone receiving a DMCA notice here in Eastern EU for torrenting some content, it's basically pirateland here, no one cares, ISPs never cared.

Yeah I agree, it's probably not so hard to identify someone on tor if you have a big list to filter suspects. I think tor is secure as long as you don't use any exit nodes.

UDP will most likely give you higher speeds, but it won't fix your latency, because the server where your vpn is physically just too far. I'd keep the VPN for anything but gaming though, there's not much point to game over a vpn connection, don't torture yourself. Use it for your web browsing, emails and everything else and turn it off when you are playing games, that's what I would do at least.

1 Like

UDP is prone to packet loss vs TCP, so he might have latency issues but since its far away he will probably have packet loss but packets might get there faster.

Worth experimenting at least.

OP wants a COTS solution, so DIY is off the table.

1 Like

It's not so much that I want COTS. It's more that as an engineer, I know when I'm out of my comfort zone and over my head. Networking is not my field of expertise. That's when it time to ask the experts (like you) for help. If you need to design a structure, I'm here for you.

If I really wanted to or had to, I could probably DIY, but when I tried to learn that it bored me and seemed like too much hardware and software and configs and a new PC for a pfSense server. It would have been a case of blindly following the instructions without really understanding what I'm doing or why I'm doing it. I hate that. I love working on my PC, but I guess I get overwhelmed when I have to deal with networking beyond the basics.

I should probably change the title of this thread to:

So I got a VPN. How do I optimize it?