I’m in the Middle East for a few months, and trying to stream my US services. I have 400mbps internet at my hotel, so I’m good on bandwidth. So far I’ve tried two VPNs (I can’t type them apparently), using wireguard (tried both on Beryl AX travel router and direct on Shield TV) and even when I get decent speedtests (150mbps or higher), the buffering makes everything unwatchable. I would think in 2024 speeds across the pond would be plenty for this, but are my expectations just too high? Or do I need to just keep trying more and more servers?
What are you connecting to as the VPN server endpoint? A commercial vpn service, or personal hosted device?
Some streaming services intentionally downgrade commercial VPN provider IPs, or block them entirely.
PS… also, depending on the type of connection you’re coming from, MTU size and packet fragmentation could come into play.
Commercial. I also tried my personal server at home that’s set up with Wireguard, but the problem is it’s behind a CGNAT, so I can do direct IPv6, or IPv4 through my VPS (which is actually in Germany, so extra latency plus bandwidth limits). But my hotel doesn’t have IPv6, so it pretty much kills that option.
Commercial endpoints will always be a mixed bag, because the streaming providers know all those IPs and can choose to deprioritize them, if not block them.
If your home device can act as a tailscale exit node then you can work around the CGNAT and hopefully get a peer to peer connection without an intermediate DERP relay.
I’m only a little familiar with tailscale, and my impression was that it was essentially doing what I’m already doing with wireguard. But maybe I’m misunderstanding. I’m wondering if I can run a wireguard server on my travel router (it has an option), and then connect the home server to it, like a reverse vpn. But I’m also not sure if my hotel ip is behind cgnat…most likely.
Tailscale runs wireguard at a connection level. It just allows for hole punching and outbound connections to put everything together without needing port forwarding.
Right, so the only difference is the traffic routes through a tailscale server instead of my vps. So not sure it really gains me much?
2 goals here:
1. Access streaming services from your home IP so things are not blocked or throttled by services that recognize commercial VPNs.
2. Navigate through CGNAT issues to connect your client to your server.
Tailscale makes both super easy. It does #2 always and automatically. #1 is the “exit node” option they provide that can be selectively engaged.
Tailscale is already supported by the Beryl AX: https://docs.gl-inet.com/router/en/4/interface_guide/tailscale/
If you can remotely install it on your home server, advertise exit node there, and you’re off to the races.
Not really. Tailscale will initially use a relay server to establish the connection without needing port forwarding, then try to move to peer-to-peer if possible. It will only use a DERP relay as a fallback.
If all goes well, you’re getting a direct peer wireguard connect with no relay.
PS. If you are going to continue using your relay, then start looking at MTU. If you have a few layers in here, you may need to reduce MTU size to keep from getting packet fragmentation, which will add a lot of latency even on high-speed connections. Try a WG client config MTU of 1320. If that helps, then bump it up by 20 until you find optimal.
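The MTU tuning suggested in the post above can be measured rather than guessed. The following is an added example, not part of the original thread: it finds the largest unfragmented packet the path carries using Don't Fragment pings, subtracts WireGuard's per-layer overhead (60 bytes over IPv4, 80 over IPv6), and also models the manual "start at 1320, step by 20" search. It assumes Linux iputils `ping`; the address `192.0.2.1` is a documentation placeholder and the function names are illustrative.

```python
import subprocess

# Per-packet WireGuard overhead: outer IP header + 8 (UDP) + 32 (WireGuard header and auth tag).
WG_OVERHEAD = {4: 20 + 8 + 32, 6: 40 + 8 + 32}  # 60 over IPv4, 80 over IPv6
ICMP_V4_HEADERS = 20 + 8                        # IPv4 + ICMP echo headers around a ping payload


def ping_df(host, payload):
    """True if an IPv4 echo carrying `payload` data bytes is answered with DF set."""
    cmd = ["ping", "-4", "-M", "do", "-c", "1", "-W", "2", "-s", str(payload), host]
    return subprocess.run(cmd, capture_output=True).returncode == 0


def path_mtu(probe, low=1280, high=1500):
    """Binary-search the largest IP packet size in [low, high] that probe(payload) accepts."""
    if not probe(low - ICMP_V4_HEADERS):
        return None  # even the floor fails: path is down or ICMP is filtered
    while low < high:
        mid = (low + high + 1) // 2
        if probe(mid - ICMP_V4_HEADERS):
            low = mid
        else:
            high = mid - 1
    return low


def wg_mtu(link_mtu, layers=(4,)):
    """MTU for the innermost tunnel; `layers` is the IP version under each WireGuard layer."""
    return link_mtu - sum(WG_OVERHEAD[v] for v in layers)


def step_up(works, start=1320, step=20, ceiling=1500):
    """The manual approach: begin at `start`, raise by `step` while works(mtu) holds."""
    if not works(start):
        return None
    mtu = start
    while mtu + step <= ceiling and works(mtu + step):
        mtu += step
    return mtu


if __name__ == "__main__":
    # Placeholder address: substitute the public IP of your VPN endpoint or relay.
    found = path_mtu(lambda size: ping_df("192.0.2.1", size))
    print("path MTU:", found, "-> WireGuard MTU:", wg_mtu(found) if found else "n/a")
```

With a relay in the path, pass one entry per tunnel layer, for example `wg_mtu(found, layers=(4, 4))` for WireGuard carried inside another IPv4 WireGuard tunnel.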
Thanks. I’ll check all this out for self-sufficiency. That said, I was doing some more diagnostics on my travel router, and it seems the ethernet connection was actually dropping intermittently. I switched to use the hotel wifi, and so far it’s rock solid using the commercial vpn! I am still inside my free trial period tho so I could still try to get my money back.
Hotels can be tricky. If they have a captive portal they may sometimes restrict you to 1 device per guest. If so, you may need to fill it out using your phone or laptop, then use MAC cloning on the router UI to set the router to the same MAC as that device.
Yeah I was concerned about that, but no issues with any of that. I swapped the WAN and LAN ports on my router, and now it’s rock solid. Tried some other things to fix the WAN port, but nothing worked. From what I can tell from forum posts it’s either an issue with the 2.5Gbps port negotiating 1Gbps properly, or my physical port on the router is damaged. The VPN is dropping my speed from 400mbps to about 250-290 max…but I think I can live with that!