• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
RestorePrivacy

RestorePrivacy

Resources to stay safe and secure online

  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Browser Fingerprinting
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Skiff Mail Review
    • StartMail Review
    • Runbox Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
    • VPN Comparisons
    • Best VPNs
    • VPN Coupons
    • VPN Routers
  • Password
    • Best Password Managers
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact
  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Browser Fingerprinting
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Skiff Mail Review
    • StartMail Review
    • Runbox Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
    • VPN Comparisons
    • Best VPNs
    • VPN Coupons
    • VPN Routers
  • Password
    • Best Password Managers
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact

Optimizations in WireGuard Achieve Record 10Gbit/sec Throughput Speed

April 14, 2023 By Heinrich Long — 7 Comments
Optimizations in WireGuard Achieve Record 10Gbit/sec Throughput Speed

WireGuard expert Tailscale has achieved a breakthrough in the performance of WireGuard-based VPNs, resulting in significant improvements in throughput.

More specifically, the Tailscale team applied optimizations such as UDP segmentation offload, UDP receive coalescing, and checksum unwinding, which led to substantial throughput improvements for VPN clients using the WireGuard Go implementation.

WireGuard is an open-source communication protocol that implements virtual private networks, designed to be leaner and better performing than preceding tunneling standards such as IPsec and OpenVPN.

Tailscale is a company that provides scalable VPN solutions built on top of the WireGuard protocol and which has previously contributed significant optimizations and improvements on the standard to the benefit of all WireGuard users.

10Gbit/s on “Bare Metal” Server

The mentioned improvements applied by Tailscale were identified after carefully studying the WireGuard codebase, locating potential areas where performance could be enhanced.

The three main performance improvements implemented by Tailscale’s engineers are the following:

  1. UDP Segmentation Offload (GSO): offloads packet segmentation to network hardware, reducing CPU overhead and improving throughput.
  2. UDP Receive Coalescing (GRO): aggregates multiple smaller packets into a larger one at the receiving end, minimizing CPU usage and enhancing network performance.
  3. Checksum Unwinding: eliminates redundant checksum calculations, reducing CPU usage and contributing to increased VPN performance.

The team conducted tests using wireguard-go on two different systems: c6i.8xlarge and i5-12400, both with UDP GSO, GRO, and checksum unwinding optimizations. The results indicated a substantial increase in performance, with the c6i.8xlarge system achieving 7.32 Gbps, while the i5-12400 system reached 13.0 Gbps.

Performance graphs
Tailscale

This performance enhancement allows Tailscale to join the 10 Gb/s club on bare-metal Linux servers and wireguard-go to surpass the in-kernel WireGuard implementation on the tested hardware. The term “bare metal” refers to physical (non-virtualized) servers that are dedicated to a single tenant, offering consistent and predictable performance results.

WireGuard to Get Speedier for All

This development is crucial for all users of VPNs that rely on WireGuard, as it showcases the potential for improving performance through the application of these optimizations. In our own tests for the WireGuard vs OpenVPN comparison, we’ve also found WireGuard to be significantly faster than legacy protocols.

The increased speed and efficiency achieved by Tailscale are expected to be rolled to the entire community of WireGuard-based VPN users and make the pioneering protocol even more appealing to VPN providers who haven’t adopted it yet. Due to performance and security advantages, there are many VPNs with WireGuard support already available.

Tailscale’s Jordan Whited has already submitted commits for consideration by WireGuard’s core developers and could be implemented upstream very soon. Of course, projects that use WireGuard will see varying levels of performance improvements based on the specific hardware, network conditions, and VPN client implementation.

We will be particularly interested to see whether the relative performance of various WireGuard VPNs changes in comparisons such as these:

  • NordVPN vs Surfshark
  • NordVPN vs TorGuard

Related Articles:

  • VPN Protocols: OpenVPN vs IPSec, WireGuard, L2TP, & IKEv2
  • NordVPN Successfully Completes Independent Infrastructure Security Audit
  • Fastest VPN Services
  • VPNs That Support WireGuard
  • WireGuard vs OpenVPN

About Heinrich Long

Heinrich is an associate editor for RestorePrivacy and veteran expert in the digital privacy field. He was born in a small town in the Midwest (USA) before setting sail for offshore destinations. Although he long chafed at the global loss of online privacy, after Edward Snowden’s revelations in 2013, Heinrich realized it was time to join the good fight for digital privacy rights. Heinrich enjoys traveling the world, while also keeping his location and digital tracks covered.

Reader Interactions

Comments

  1. Slax

    April 18, 2023

    If we could just get WireGuard to work on routers…

    Reply
    • Tesla

      October 25, 2023

      It works on MikroTik routers

      Reply
  2. Riley Reid

    April 17, 2023

    Wireguard is already crazy impressive. Bet this is going to make things even better. Can’t wait to see what the next few years bring to tunneling technology.

    Reply
    • MY Name

      April 18, 2023

      You impress too easily, lol

      Reply
  3. WIll Wheaton

    April 14, 2023

    Privado vpn free and windscribe vpn free both 10gb is pretty good and fast. especially privado vpn.

    Reply
    • Bev Crusher

      April 18, 2023

      Both vpn’s you mention are good and fast unlike Surfshark and Nord. in my experience.

      I personally prefer Windscribe. My subscription with Nord ended recently and I couldn’t be happier with Windscribe’s it’s simple and effective interface and speeds.

      What I don’t like about Privado is it supports SOCKS5 and that doesn’t hide your actions from your ISP. For instance, if you’re torrenting, your ISP will know if you’re using SOCKS5.

      Reply
  4. Super Sven

    April 14, 2023

    Nice, thank you Heinrich Sir,

    I am using Nord and Surfshark VPN and both have Wireguard Protocol. Nord’s Nord Lynx is based on Wireguard.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Sidebar

Digital Privacy Essentials:
Secure Browser
Private Search Engines
Secure Email
Best Password Managers
Secure Messaging Services
Best Ad Blockers
Best VPN Services
Secure Cloud Storage

Privacy & Security Guides:
Privacy Tools
Alternatives to Google Products
Firefox Privacy Modifications
Five Eyes, 9 Eyes, 14 Eyes Spying
Browser Fingerprinting
Is Tor Safe?
Alternatives to Gmail
VPN vs Tor
Alternatives to WhatsApp
Is Your Antivirus Spying on You?
Controlling Communication Channels is Crucial for Privacy
Anonymity Networks: VPNs, Tor, and I2P
How to Really Be Anonymous Online
Private and Anonymous Payments

Secure Email Reviews:
ProtonMail Review
Tutanota Review
Mailfence Review
Mailbox.org Review
Hushmail Review
Posteo Review
Fastmail Review
Runbox Review
CTemplar Review
Temporary Email Services
Encrypted Email

Password Manager Reviews:
Bitwarden Review
LastPass Review
KeePass Review
NordPass Review
Dashlane Review
1Password Review
Best Password Managers

Secure Messaging App Reviews:
Wire Review
Signal Review
Threema Review
Telegram Review
Session Review
Wickr Review

Secure Cloud Storage Reviews
Tresorit Review
MEGA Cloud Review
Sync.com Review
Nextcloud Review
IDrive Review
pCloud Review
SpiderOak Review
NordLocker Review

How To Guides
How to Encrypt Files on Windows
How to Encrypt Email
How to Configure Windows 10 for Privacy
How to use Two-Factor Authentication (2FA)
How to Secure Your Android Device for Privacy
How to Secure Your Home Network
How to Protect Yourself Against Identity Theft
How to Unblock Websites
How to Fix WebRTC Leaks
How to Test Your VPN
How to Hide Your IP Address
How to Create Strong Passwords
How to Really Be Anonymous Online

About RestorePrivacy

Contact

Checklist to Restore Privacy:

  1. Secure browser: Brave or Modified Firefox
  2. VPN: NordVPN (69% Off Coupon) or Surfshark VPN
  3. Ad blocker: uBlock Origin or AdGuard
  4. Secure email: ProtonMail or StartMail
  5. Secure Messenger: Signal or Threema
  6. Private search engine: MetaGer or Brave
  7. Password manager: NordPass or Bitwarden

About

RestorePrivacy is a digital privacy advocacy group committed to helping people stay safe and secure online. You can support this project through donations, purchasing items through our links (we may earn a commission at no extra cost to you), and sharing this information with others. See our mission here.

We’re available for Press and media inquiries here.

RestorePrivacy is also on Twitter

COPYRIGHT © 2023 RESTORE PRIVACY, LLC · PRIVACY POLICY · TERMS OF USE · CONTACT · SITEMAP