My workplace is experiencing throughput issues when using WireGuard or IKEv2 VPN connections to our workplace VPN servers which uses Jisc as the ISP. We have a 10gbit internet link, and not seeing the issue with other ISPs, such as TalkTalk.
If I connect to WireGuard on port udp/51820, to my workplace, the maximum throughput is about 10-12mbit, same if I use IKEv2 (udp/500, udp/4500). On the same VPN servers, SSTP is also setup which uses tcp/443. When using this protocol the VPN tunnel performance is in the hundreds of megabits, which is what we expect. We know the issue isn't the server or clients, because the same server, then trying the client on say TalkTalk, doesn't see the problem. Nothing else is downloading or running on the clients while speed tests are conducted with internal web server downloads or using iperf3.
I'm seeing the same problems, with people on CityFibre FTTP and OpenReach FTTP in different areas of the country.
If a IKEv2 or WireGuard connection is made to Azure or OVH, then we see the hundreds of megabits we should be expecting, so it's only when going to Jisc ISP, which doesn't have the issue with SSTP protocol is used.
To me it feels like some form of P2P throttling is happening when connecting to other ISPs. Soon as a TCP/443 connection is used the issue goes away, which isn't a port P2P traffic would use, but P2P traffic could use udp/4500 or udp/51820 for example. Maybe the traffic is getting classed as P2P torrent traffic, when it isn't?
Seeing the issue on people who have 150mbit/500mbit/900mbit Vodafone connections. Whether they use Ethernet or WiFi, the issue still happens.
Doing a speedtest outside of the VPN, the speeds are close to their package's rated speeds.
Tunnel MTU is 1400 for IKEv2 and SSTP, and then 1420 for WireGuard, which is more than enough for IPv4, even with possible PPPoE encapsulation happening.
Would love to know why this is happening, even if the answer is just P2P throttling happening.
