Very very slow...

Post by aistrate » Tue Jan 12, 2016 2:24 pm

Hi guys,

I wanted to check the functionality of the SoftEther Server. I have installed it and configured it without any problems. Authentication is done on a RADIUS server and it works. I can connect from Windows, Macs and iPhone, using default L2TP/IPSEC clients on the OSes.
Everything seems ok, except the bandwidth.
On a computer which has 1Gbps connection I am not able of getting more than 50-100kbps. This is very strange.
The configuration is as follows:
- one NIC in the server with vlan tagging and having the SoftEther server listen on a vlan (public IP) and a bridge with another vlan (there is no ip on that vlan "nic"). Dhcp, routing and NAT-ing is done elsewhere in the network, there are no problems there.
I tried to bridge the VirtualHub to the vlan NIC and also I tried to bridge the VirtualHub directly to the physical adapter and do the tagging inside SoftEther. Both worked ok, regarding the connections.
FWIW, I tried on a different machine, same scenarios, same results. I am using Gentoo Linux as servers.
No matter what I do, the traffic through the VPN is excruciatingly slow, this is not normal at all.
Am I missing something really obvious?
Please advise.

Kind regards,

Post by shawn_d_wood » Sun Jan 17, 2016 11:40 pm

I'm having a similar problem. I've been working on this for over a month, with both Windows equipment and now Linux boxes - with same poor performance problems (I get terrible download rates at the remote site).

Main Location:
VPNServer - Banana Pi with Single gigabit-NIC, connected to the WIFI router for the LAN at main location. VPNServer is configured with a single VPN hub, using DDNS, listening on Port 443. Network at main site is, Static IP on the NIC ( with gateway of (router). Firewall opened to 443 for the static IP. Local bridge is to eth0. My ISP provides 100 mbps down and 25 mbps up - though I usually see better performance than this.

Remote Location (provides 2 networks, 1 that is 100% VPN to main location, other which bypasses VPN):
VPNBridge - Banana PI Router (on-board WIFI + 5 gigabit ethernet ports, using only 1 of the ethernet ports). Eth0 is DHCP connected to the original WIFI router for this offsite location. The network provided by the original WIFI router is 192.168.2.n, The BPI router is given an IP of and uses the original router as its gateway ( The BPI wan0 is configured as manual with no assigned IP address (I also tried it with identical results giving wan0 a static address of Wan0 is not bridged to anything. Eth0 is not bridged to anything. Softether is configured with a single local bridge to wan0. It has a single cascade connection to VPNServer (above). I've got compression and encryption turned off. I can ping devices both ways. But the download speed is simply awful. No NAT or DHCP is turned on. This ISP provides 8 mbps down and 1 mbps up.

From the VPNBridge location, I get 1 mbps up (uses full bandwidth), but a pitiful 300 or less kbps down (I did see it peak at 700 kbps at one moment, and occasionally steady at 400 kbps). All traffic is flowing, all broadcast messages coming through. Devices connecting to the VPN WIFI get assigned IP addresses from the main LAN correctly (192.168.0.n).

I also tested this with windows pc's acting as server and bridge - with identical results - on the VPN bridge side, terrible download rates, but uploads running at full bandwidth available.

I think the slowdown is on the VPNServer side - as the data entering eth0 on the BPI router (which is all coming from the VPN Server) is a fraction of what it is when I run the BPI router as nothing more than an access point. (as tests, running Netflix, when running through VPNBridge I would see typical 200 kbps on eth0 and netflix was running in very low resolution mode - but when VPNBridge disabled and it is just acting as an access point, I get full HD netflix and eth0 is pumping between 600 to 1.2 mbps, in fact I've run 3 simultaneous HD runs at once with no drop-outs while BPI router is acting as just an access point).

I've tried adjusting the number of tcp connections - between 8 and 32. I think I got slightly better performance at 24, but it's hard to say for sure.

I have a little more info. I used the windows network speed tool just within the Main location - windows computer acting as a test client. My speed is 300 kbps down, and 7 mbps up. Very similar to the speed results I'm getting at the remote site. My Bridge isn't active at all while testing this. So I am convinced something is wrong with the VPN server.

The document talks a lot about L2 loops - have I created one with the settings above???

Please help. I don't want to abandon this and have to learn OpenVPN.

Post by thisjun » Thu Jan 28, 2016 8:02 am

What network path (bandwidth and latency) between server and client do you use ?
Please test throughput between server and client without VPN.

Post by shawn_d_wood » Thu Jan 28, 2016 2:46 pm

I've tested this within a single network (to eliminate one of the ISP's as a potential problem).

In this test - I've got 100 mbps down and 25 mbps up from my ISP - verified countless times.

My softether server and bridge are both connected to the same router. The bridge is using the ddns name of the server, so the traffic between the two is flowing out into the internet.

My pings through the bridge to yahoo return slower than the same pings that aren't going through the bridge, but they aren't unreasonable (i.e. 20 millseconds slower when going through the bridge, with an occasional long ping).

A speed test (going through the bridge) has one time hit 1 mbps down, but it typically hovers around 300 kbps down. But it consistently runs at 5 mbps up. Doing the same speed test without going through the bridge (bypassing vpn) I get 25 mbps down and 18 mbps (or more) (I'm running this through WIFI, so I don't get the full 100 mbps down).

When I watch the softether server, while downloading it is pretty much idle. But when uploading, cpu usage jumps to 60%.

I can't figure this out. The path the packets are taking is essentially the same for upload and download (just going a different direction).

I've also trying reversing the roles of the 2 softether devices, with the same results.

Post by thisjun » Tue Feb 16, 2016 6:56 am

How to measure the network throughput?
What protocol do you use?

And, please show ping result.
Some protocol can't get good throughput in high latency network or high packet loss environment.

Post by shawn_d_wood » Tue Feb 16, 2016 1:29 pm

Running speed tests directly on the softether server, I see 200 mbps down and 25 mbps up - so it is smoking fast (using speedtest-cli).

Ping results to Yahoo return timings that are around 30 ms longer when going through the VPN (i.e. ping when not VPNed in coming back around 60ms, ping when VPNed come back around 90ms). I'll see an occasional long ping (300ms or so), but it happens very infrequently. I don't remember ever seeing a lost packet.

I've already spent 2 months messing with this.

So I'm giving OpenVPN a try - to see if it experiences the same lopsided speed issues (i.e. upload is 10 times faster than download). If it does, I can conclude that my ISP causing the problem.

I hope to have some conclusions next week - and I'll post whatever I find.

Post by thisjun » Fri Feb 26, 2016 7:14 am

I doubt there is packet loop.
Could you check number of packets too high?

Post by Mada » Sun Feb 28, 2016 8:02 am

I think different networks might handle softether traffic differently.

I had a lot of problems connecting over 3G connection. Got less than half the bandwidth (and it was eating up my quota). Never did solve that even with lots of help from the forum.

I am now on ADSL and softether works perfectly! Almost 100 % of the bandwidth available. Softether compression works also works well with this setup.

Post by Mada » Sun Feb 28, 2016 8:55 am

I can also add that on a 1 GBps link I get 900/800 MB without softether and 640/640 MB with softether. This is on a i3-4160T with 1600 MHz memory over W10.

Post by shawn_d_wood » Sun Mar 13, 2016 8:25 pm

Well I've finally had time to properly configure and test openvpn versus softether, and it's bad news for softether.

On the same two unix devices (one acting as server, one as the client/bridge) in the same exact configuration:

VPNServer - Download - maxed out at 1 megabits per second a single time for just a moment, usually ran at 300 kbps or less. Upload was always excellent at 10 to 13 mbps.

OpenVPN - Download - maxed out at 20 mbps, usually ran at 10 mbps or better. Upload at 9 to 14 mbps.

So, even though the upload rate is the same, the download rate is easily 20 to 30 times faster with OpenVPN!

This doesn't seem typical, as I've seen examples by others that softether outperforms openvpn. But something about my configuration / ISP / network just seems to turn softether download into a zombie.

Post by wvalcke » Tue Apr 12, 2016 12:58 pm

The only thing i can confirm is that indeed my tests between 2 machines
one machine is server, the other is client
A VPN connection over the internet :

Transfer speed using SoftEther VPN : 30 KB/s
Using the exact same machines and same internet connection, but OpenVpn native server and client
Transfer speed : 250KB/s

That's almost 10 times faster for OpenVPN.
Although the doc states that SoftEther is faster than OpenVPN?


Post by vwc » Fri Apr 15, 2016 4:29 am

Do any of the programmers look at this site? I've seen multiple posts about extremely poor performance, almost unusable performance.

Are we talking to the wind?

Post by moycat » Sat Jun 17, 2017 5:51 am

OK... Finally I have solved this problem. Easy though a little bit imperfect.
The reason is unknown yet but I guess it is because the bridge implementation in Linux version is wrong (the Windows version always runs perfectly). I am not a professional programmer so I cannot debug it.

The solution is:
1. create a "bridge with new tap device" in "local bridge settings" instead of a "bridge with existing physical network adapter". (I use the GUI manager on Windows to manage the Linux server remotely)
2. create a bridge between the tap device and the physical adapter with following shell commands (root):
brctl addbr br0
brctl stp br0 off
brctl addif br0 eth1
brctl addif br0 tap_vpn
ifconfig br0 up
"eth1" is the aim adapter, which you previously chose when creating a "bridge with new tap device", and "tap_vpn" is the new tap device (use ifconfig to see its name).
3. That's all. After this steps my network speed is normal and the CPU load is acceptable for me.

1. Firstly if you cannot create a tap device, google it. You may need to load "tun" module or something. I use an LXC container so I followed the instructions in ... nside-lxc/ but your situation is likely to differ from mine.
2. The Linux bridge does not keep to next boot. To add an auto start bridge, google it. I set up the bridge in /etc/interfaces and add the tap device into the bridge in /etc/rc.local. Fine for me.

My /etc/rc.local is:

if ! [ -c /dev/net/tun ]; then
mkdir -p /dev/net
mknod -m 666 /dev/net/tun c 10 200
/opt/vpnserver/vpnserver start
sleep 5
brctl addif br0 tap_vpn
exit 0

My /etc/network/interfaces is: (the not related are omitted)

auto eth1
iface eth1 inet manual
up ifconfig $IFACE up
auto br0
iface br0 inet manual
bridge_ports eth1 tap_vpn
bridge_stp off

Post by thisjun » Thu Jun 29, 2017 8:03 am

I think the cause of the problem may be in device driver.
Could you share the information about the device you have created localbridge?

Post by HamBam » Thu May 24, 2018 8:38 am

I have the same problem.

i am using the following products:
2 Fujitsu desktop computers, each on one site
Intel Gigabit CT Desktop Adapter and Intel pro xy.. something i removed from an Server...
Windows Server 2016 on both sites.

What i want to do:
I want to bridge 2 switche's on 2 different sites. i want to bridge the trunk ports with several vlans.

What i already tested:
- Internal test: VPN Tunnel trough our physical internal network (1gbit/s) -> bridge troughput was fine (~900mbit/s)
- External test over nat: VPN Server behind nat with portshare (5555). -> bridge troughoput is not usable (2mbit/s)
- External test trough a VPN-gateway (sophos-red) (the sophos red connects with vpn to the firewall and offers the internal network at the remote location, so its logical like an internal ipv4 routing) -> bridge troughoput is not usable (2mbit/s)

I also tested it without vlan tagging, same result. I tested realy old rtm and up2date versions from softether and also the beta versions, always the same result.

I checked the communication with wireshark. I can see that there are packages missing in the tcp communication between the clients which are communicating over the bridge.

It cant be a problem with our bandwidth. At out main location we have 200mbit down and 20mbit up. At the second location we have 50mbit down and 10mbit up. When i use the sophos-red tunnel, i can use the full speed, 20mbit/s (2,5MB/s) with a latency of 20ms.

The realy strange thing is: If i connect the Softether bridge, its working fine for some seconds with full speed and after 5 seconds or so its unusable slow.

