Peplink Device Throughput

If a feature you enable is CPU intensive your throughput can be lower. Tasks like QoS and bandwidth management are CPU intensive, because all packets have to be inspected. So the more features you activate on your device, it can affect your device CPU load. For example, the Balance One - 5 WAN license reduce throughput of the Balance One and One Core from 600Mbps to 400Mbps.

Check first your throughput on a factory reset device with just a PepVPN tunnel. You should reach now the below promise throughput. Then test your required features:
SF bonding,
Bandwidth management
QoS packet inspection
Firewall rules
DNS proxy

On every router (and also every computer) the available resource are shared with all processes, it can only do so much at any given time. Please consider to upgrade your device, there are options like a trade-in or a return of your device.

When latency characteristics are the same across connected WAN links, it has very little effect on SpeedFusion bandwidth throughput. However, when the latency of WAN links varies considerably, bandwidth throughput is affected. In certain conditions, such as regular timed packet loss on the above LTE link, combined with typically high latency found on these types of links, the TCP protocol method of retransmitting lost packets can have a drastic effect on available bandwidth over the VPN. This is another reason why we recommend that, whenever possible, high latency links be used for failover and not as an active SpeedFusion WAN link.

In cases of high variation in WAN link latency, the best approach (assuming there is enough bandwidth on low latency links) is to allocate lower latency links for SpeedFusion while setting higher latency links as failover connections.
Another approach is to use higher latency links for specific direct traffic types that are not as
latency sensitive (like direct internet access) while reserving lower latency links for other important corporate traffic that needs to transit the VPN, such as VoIP and ERP.

The amount of bandwidth available on a LTE or satellite data connection is dependent on a number of factors:

● Signal Strength -Determined by the distance to the nearest cellular tower (or visibility of the satellite) and the subsequent signal quality received.

● Backhaul Bandwidth Availability- From the cellular tower to the ISP's core network or from the satellite ground station to the ISP's core network.

● Device Contention -At the tower or satellite you are connected to (determined by the number of active subscribers on a tower or satellite at any given moment).

We frequently see users who have 100% signal strength yet get only a small percentage of the bandwidth. This can be because there simply isn't enough backhaul bandwidth at a cell tower or ground station to the ISP's backbone, and what is available is saturated. When it is a matter of contention of the service, the easiest way to improve your chances of getting more bandwidth is to create another connection using an additional vSAT or cellular modem connection. This allows you to get twice as much of the time allocated to your devices, and the amount of bandwidth shared with you for your SpeedFusion connection is increased

Most internet connections are provided as a contended service. This means that although your provider has advised you will get up to 24Mbps broadband over DSL for example, depending on how oversubscribed your DSL service is (literally how many people in your area are connected to the ISP's service), the bandwidth that's actually available at any given moment could be considerably less.
The amount of bandwidth available on a contented service can vary considerably over the period of a day (and even minute to minute), with higher speeds possible during working hours compared to the evenings when your neighbours are home and using the same internet service heavily.
Adding an additional fixed line service from the same ISP can give you a 'bigger share' of the bandwidth that's available. 1 :1 contended services are available from ISPs to counter this issue but are naturally more expensive than 20:1 or 50:1 services.

New Zealand ISPs are operating a massive content cache platform. This is historically grown, as NZ is a bit far away from mainstream internet backbones. To avoid bottlenecks a lot of content is cached in New Zealand, means if you download a 12 GB OS image, you are not downloading it from overseas, instead the ISP DNS is redirecting to the country content cache and you get a download within NZ, which is not touching or congesting international links.

New Zealand’s in country content cache sends out packets with a payload close to jumbo frames (with a payload of 4.000 to 7.000 bytes per packet). Usually that won’t work on the internet as the MTU (maximum transfer unit per packet) is fixed to 1500 bytes (minus protocol overhead). These jumbo sized frames simply don’t fit into a VPN tunnel (from any vendor), means they need to be split (fragmented), buffered and sent in many, many small chunks through the tunnel, then re-assembled on the other side. This creates big side effects, not only on CPU load, but also on local buffer limits, lost fragments and therefore packet re-transmissions.

Workaround for now: The NZ ISPs are redirecting to the local content delivery via their own DNS (usually automatically assigned by the ISP to your WANs). If you take out the ISP DNS and replace them on all participating sides (including computers with own DNS setup) with public global DNS servers, then you wont getting redirecting to the national content cache platform. Instead you receive data from the nearest overseas server, which follows standard packet sizes.