So, I’ve been having this peculiar issue lately. About a couple of weeks ago, I started noticing that my real IP was leaking on Apple TV as I tried to watch shows across various streaming services and would get told that it was unavailable in my region. So, I’d run a quick SpeedTest app on Apple TV, and it’d show me my IP. It made no sense why it’d do that since pfSense is configured to route only VPN traffic to Apple TV (but with no killswitch).
I started investigating, went to the main page of pfSense, and enabled Gateway monitoring. And I noticed that my OpenVPN RTT was going way too high, into the few hundreds and even thousands — which would cause the gateway to go offline, let my WAN traffic go through to Apple TV, and leak my IP.
I’m attaching a couple of screenshots so you can see how bad the ping goes, and it only starts to go up when I try to use any device with VPN routing on.
I have absolutely zero issues using the internet through pfSense when it’s not routed through OpenVPN, as I have an alias list of IPs that includes my desktop and that I exclude from using any VPN traffic. I am on my computer practically all day doing various things, including gaming, and I never face any issues. It is only happening on the VPN gateway.
Now, I’ve done ping tests to this VPN IP overnight, over hours, and so on and on, and the avg ping never goes beyond 300 even, which is fitting because an avg ping from my location to that VPN’s location is supposed to be around 280 anyway. I’m also attaching a screenshot of WinMTR of that result, so you can see there isn’t any issue with ping when pinging that VPN server IP directly from my ISP internet in a desktop environment.
This started happening about a couple of weeks ago; it was totally fine before that. After running into these issues, I updated my pfSense+ to the latest firmware, but before that, it was running fine for hours on end, streaming for about a month.
One more thing I should note if it helps someone understand why I’m having this issue is that whenever I do a SpeedTest of the VPN via OpenVPN environment through pfSense, as in if I’m doing it from Apple TV or desktop, my ping shows about double on SpeedTest like 500-600. But if I connect to the same host via L2TP/IPSec via Windows PC, the ping stays around 240ms or so for SpeedTests.
So, as you can see, the server itself is fine; I can ping it, and the service is good and all. But when using OpenVPN via pfSense, it causes a severe spike to RTT, and it only does that sometimes; it doesn’t go too high all the time. Sometimes it’ll go and chill around 400, but sometimes it’ll go 600, 800, 1000 and more.
Any help for this would be greatly appreciated, I’ve been trying to troubleshoot this for about two weeks now and spent quite a bit of time with my ISP to figure out if they were throttling my server IP for any reason, but that’s not the case. I even thought maybe my ONT was the issue, but we investigated and ruled that out, too.
P.S. The following info might also help.
Client: pfSense+ 23.05.1-RELEASE running on HP t730 Thin Client - AMD R-Series RX-427BB
OpenVPN Server: UniFi setup at my office in another country.