Hello,

I am hoping someone can point me in the right direction here. I have a weird home networking issue which I just do not understand at all. My set-up is a Ubiquiti USG-Pro 4, connected to a managed 8-port Ubiquiti switch and then a generic 24-port unmanaged switch with various kit plugged into it, including a QNAP NAS running container services such as PiHole, Deluge, Plex, Nextcloud etc.

I have 3 access points (PoE) connected to the 8-port switch to run my wireless network, and I also run some wired and wireless cameras with Unifi Protect.

Everything runs fine EXCEPT…

Whenever any device (laptop \ mobile \ container running within the NAS \ whatever) connects to my VPN provider (ProtonVPN) and starts to download any sizeable data via that VPN link, my network latency on the USG goes from an average of 16 ms up to a network-breaking 500+ ms.

I have tried…

  • Turning off all IPS \ IDS \ traffic monitoring on the USG
  • Completely replacing my generic unmanaged switch for another brand
  • Downloading torrent files from P2P networks
  • Downloading large files directly from the internet
  • Removing PiHole as my DNS server (switching directly to 1.1.1.1)
  • Using OpenVPN and Wireguard protocols

I have experimented downloading from the QNAP NAS, from a wireless connected laptop, from a mobile phone, from a wired computer with and without the VPN connected.

Without the VPN - all is good, speed is good (I have a 500GB down ISP connection) and latency is good (well below 18 ms at all times).

With the VPN - all starts fine but within 30 seconds or so latency is up at above 500ms and the rest of the network slows to a crawl.

I am starting to think that this may be an issue with the processing capabilities of the USG? Or am I missing something really obvious here? Any advice appreciated.

  • tychosmoose
    1 year ago

    First thing I would do is check the CPU load on the USG and Unifi switch during the problem. See if it’s a performance thing. Next would probably be to see how much ingress and egress traffic is happening on the USG. It could be you’re saturating your upload.

    And to be clear - you’re initiating the VPN connection to Proton between the client device and Proton, right? The USG isn’t an endpoint in the VPN connection?