Show me your Wireguard performance

Comments

• tentor Member, Host Rep

  December 2025

  Is it LAN or WAN benchmark? I mean, isn't it just bandwidth bottleneck somewhere in between two endpoints?

  Thanked by 1mandala
• Neoon Community Contributor, Veteran

  December 2025

  @jimaek said:
  I'm peaking at 350mbit on a 1Gbit connection in kernel mode. Plain Wireguard point to point.

  What's your high score and how did you get there?

  iperf with 2x cheap vps's below 1€, easily hit 500Mbit.
  However my wireguard here is slower, no idea why though.
• jimaek Member

  December 2025

  @tentor said:
  Is it LAN or WAN benchmark? I mean, isn't it just bandwidth bottleneck somewhere in between two endpoints?

  WAN to WAN. Doesn't seem to be a bandwidth bottleneck as regular iperf saturates the connection easily at 1Gbit.

  Thanked by 2tentor nghialele
• vitobotta Member

  December 2025

  ~800 Mbps

  Thanked by 1mandala
• Void Member

  December 2025

  ~403 Mbps from Hostsailor AMS Chicken $6/yr

  Thanked by 1mandala
• sh97 Member, Host Rep

  December 2025

  Hitting ~500Mbps on wireguard android to an endpoint in NL, ~120ms away. 550Mbps without VPN to the same endpoint. On a 700Mbps connection.
  No tweaks or anything.

  Thanked by 2mandala cainyxues
• jimaek Member

  December 2025

  All via raw Wireguard or wraps like Tailscale and such?
• Levi Member

  December 2025

  Jin maek, list your wg servers spcs. You can have 1Gpbs pipe, but if you run on 128MB vps - that would be a problem.
• Platonks Member

  December 2025 edited December 2025

  I use a mesh vpn like tailscale, and results vary a lot, depends of you internet speed and protocol you use.
  On a lowend connection ~20mbps to download file from my local cloud using https, it is about 700kbps direct to it, and full bandwith with reverse proxy on datacenter (that itself connect to meshvpn to the server).
  And on a 1g line, i can only get ~700mbps on sftp, but full 1g on webdav all of that passing through meshvpn.

  Thanked by 1mandala
• jimaek Member

  December 2025 edited December 2025

  @Levi said:
  Jin maek, list your wg servers spcs. You can have 1Gpbs pipe, but if you run on 128MB vps - that would be a problem.

  Just for the record:
  Home VPN node:
  Intel(R) Core(TM) Ultra 9 185H
  32GB RAM

  Remote endpoints I tried:

  • Paid ProtonVPN 250-300mbit depending on server
  • 4 core Hetzner VM - ~340mbit
  • 32core OVH dedi - ~350mbit

  No VPN I easily hit 900+ depending on endpoint.

  I haven't tried any meshes, just regular kernel wireguard.

  But I dont want to turn this into a support thread as I'm really interested in the perf everyone is getting.

  Thanked by 1mandala
• sh97 Member, Host Rep

  December 2025

  @jimaek said:
  All via raw Wireguard or wraps like Tailscale and such?

  I tried on the wireguard official android app
• yoursunny Member, IPv6 Advocate

  December 2025

  Multi-hop over WAN:

  1. iperf3 is BeagleBone Black in our closest, located in Washington DC market.
  2. WireGuard client is GL-AR750 router in our closest.
  3. WireGuard server is Evolution VPS in Roubaix.
  4. The other WireGuard client is Heartbeat VPS in Amsterdam.
  5. iperf3 server is on the same machine.

  The GL-AR750 has weak CPU and 100Mbps FastEthernet on both sides, which is believed to be the bottleneck.
  Nevertheless, this bandwidth is sufficient for 720p TV streaming.

  Connecting to host 192.168.121.35, port 5201
  Reverse mode, remote host 192.168.121.35 is sending
  [  5] local 192.168.5.10 port 37891 connected to 192.168.121.35 port 5201
  [ ID] Interval           Transfer     Bitrate         Jitter    Lost/Total Datagrams
  [  5]   0.00-1.00   sec  1.77 MBytes  14.9 Mbits/sec  0.227 ms  944/2303 (41%)  
  [  5]   1.00-2.00   sec  1.69 MBytes  14.2 Mbits/sec  0.861 ms  7750/9045 (86%)  
  [  5]   2.00-3.00   sec  1.91 MBytes  16.0 Mbits/sec  0.301 ms  8524/9986 (85%)  
  [  5]   3.00-4.00   sec  1.89 MBytes  15.8 Mbits/sec  0.350 ms  7418/8864 (84%)  
  [  5]   4.00-5.00   sec  1.86 MBytes  15.6 Mbits/sec  0.335 ms  7528/8955 (84%)  
  [  5]   5.00-6.00   sec  1.86 MBytes  15.6 Mbits/sec  0.713 ms  7717/9142 (84%)  
  [  5]   6.00-7.00   sec  1.76 MBytes  14.8 Mbits/sec  0.493 ms  7423/8774 (85%)  
  [  5]   7.00-8.00   sec  1.73 MBytes  14.5 Mbits/sec  0.757 ms  7777/9101 (85%)  
  [  5]   8.00-9.00   sec  1.74 MBytes  14.6 Mbits/sec  0.232 ms  7791/9121 (85%)  
  [  5]   9.00-10.00  sec  1.74 MBytes  14.6 Mbits/sec  0.303 ms  7847/9181 (85%)  
  - - - - - - - - - - - - - - - - - - - - - - - - -
  [ ID] Interval           Transfer     Bitrate         Jitter    Lost/Total Datagrams
  [  5]   0.00-10.10  sec   120 MBytes   100 Mbits/sec  0.000 ms  0/92292 (0%)  sender
  [SUM]  0.0-10.1 sec  72 datagrams received out-of-order
  [  5]   0.00-10.00  sec  17.9 MBytes  15.0 Mbits/sec  0.303 ms  70719/84472 (84%)  receiver
  
  iperf Done.
  

  Thanked by 2loay mandala
• NotFoundException Member

  December 2025

  It really depends on the path between the two points and most of the time there isn’t much you can do. From my PC to one of my proxmox clusters in another country I get around 250mbit/s on 500mbit/s and between the nodes in different DCs but same provider and country it‘s around 450mbit/s on 500mbit/s.
• alec66 Member

  December 2025 edited December 2025

  from home (2.5gbps fiber/southern italy) to amsterdam WG installed on cheap VPS (10gbps shared) 800/850 mbps approx. same with netcup root server and hetzner. With tailscale as exit node you need to subtract 20/30% at least on such speed. protonVPN on swiss/NL servers around 1gbps
• nikio Member

  December 2025

  I'm peaking at 350mbit on a 1Gbit connection in kernel mode. Plain Wireguard point to point.

  Host OS? Both linux?

  On my LAN I get lower performance going between Windows-Linux machines. But Linux-Linux I can saturate connection and on WAN I can hit maybe 850mbit on a 940mbit peak line.
• Zeast Member

  December 2025 edited December 2025

  Home (600 mbps, fiber) to VPS (1.5 gbps shared), Chile.

  Client: LXC container, 5900hx 2 core, 512mb ram, debian 12
  Server: infofractal.io VPS, Xeon 6244 1 vcore, 1 gb ram, debian 12

  iperf3 from vps side (receiver), using UDP

  Accepted connection from 10.0.1.2, port 39810
  [  5] local 10.0.1.0 port 5201 connected to 10.0.1.2 port 46150
  [ ID] Interval           Transfer     Bitrate         Jitter    Lost/Total Datagrams
  [  5]   0.00-1.00   sec  92.0 MBytes   772 Mbits/sec  0.014 ms  67584/138090 (49%)
  [  5]   1.00-2.00   sec   108 MBytes   906 Mbits/sec  0.015 ms  57383/140174 (41%)
  [  5]   2.00-3.00   sec   106 MBytes   893 Mbits/sec  0.022 ms  58263/139834 (42%)
  [  5]   3.00-4.00   sec  68.3 MBytes   573 Mbits/sec  0.020 ms  87544/139892 (63%)
  [  5]   4.00-5.00   sec  68.3 MBytes   573 Mbits/sec  0.020 ms  87264/139609 (63%)
  [  5]   5.00-6.00   sec  68.3 MBytes   573 Mbits/sec  0.019 ms  87359/139703 (63%)
  [  5]   6.00-7.00   sec  68.3 MBytes   573 Mbits/sec  0.016 ms  87207/139552 (62%)
  [  5]   7.00-8.00   sec  68.3 MBytes   573 Mbits/sec  0.019 ms  96415/148760 (65%)
  [  5]   8.00-9.00   sec  68.3 MBytes   573 Mbits/sec  0.019 ms  98983/151331 (65%)
  [  5]   9.00-10.00  sec  68.3 MBytes   573 Mbits/sec  0.015 ms  86983/139327 (62%)
  [  5]  10.00-10.22  sec  1.26 MBytes  48.7 Mbits/sec  0.018 ms  1588/2552 (62%)
  - - - - - - - - - - - - - - - - - - - - - - - - -
  [ ID] Interval           Transfer     Bitrate         Jitter    Lost/Total Datagrams
  [  5]   0.00-10.22  sec   786 MBytes   645 Mbits/sec  0.018 ms  816573/1418824 (58%)  receiver
  

  I did some testing using different vps from the same provider and xeon 6244 perform the best. 6262V was ~300 mbps.

  EDIT: Also tried same iperf3 without wireguard (pointing to vps public ip) and got 694 Mbits/sec over UDP.

  Thanked by 1mandala
• ValdikSS Member

  December 2025

  I've got 4.5 gbit/s max with 10G connection and in-kernel WireGuard, single peer single connection.

  Make sure you have recent kernel, newer than 6.13 — this version has added GSO support.
  Or even better, try the latest 6.19-rc1, there's been numerous speed ups for network in general and UDP in particular.

  One of the major slowdown reason which is easily missed are ipatbles/nftables rules. The larger the amount, the slower the connection. You can profile it with perf and see how much of CPU time is spent inside nf_* functions.

  This is common with fail2ban / sshguard: if there are lots of banned IPs, it can slow down the network processing significantly. Both of these add blocking rules in a way which make them execute for each packet. The fix is to check if the connection is already established (conntrack established) and pass it as a first input/forward/output rule.

  Thanked by 5Murv mandala Decicus borkedascii SashkaPro
• Murv Member, Megathread Squad

  December 2025

  @ValdikSS said:
  I've got 4.5 gbit/s max with 10G connection and in-kernel WireGuard, single peer single connection.

  Holy shit, is this the real @ValdikSS -sensei!? Didn't know you were here on LET.

  As someone from a heavily censored region I appreciate your research on anti-censorship.

  

  
  You should come shitpost with us sometime.
  

  Thanked by 3Decicus ValdikSS borkedascii
• emperor Member

  December 2025

  This smells like ISP throttling since you get similar speed on 3 different locations, try with openvpn on tcp if you get better speeds.. or mby use @Nyr wireguard script ?