nitred · November 5, 2025 22:18 · Sep 10, 2021 · Sep 10, 2021 · Sep 10, 2021 · Sep 10, 2021
diff --git a/optimal_mtu.md b/optimal_mtu.md
@@ -56,7 +56,7 @@ PersistentKeepalive = 5
 ```
 
 ### Conclusions
-* As you can see in the image `peer_mtu_vs_bandwidth.png`, the original MTU settings for 1420 both peer and server gives abysmal bandwdith.
+* As you can see in the image, the original MTU setting of 1420 for both peer and server gives abysmal bandwdith.
 * I found that that MTU 1384 on the WG peer with 1420 on the WG server seems to almost have the best bandwidth.
 * For WG Peer MTU 1384, the max upload bandwidth of 50Mbps of my ISP connection is achieved but I was only able to hit 550 Mbps for the download bandwidth where the max download bandwidth of my ISP connection is 1000 Mbps. This reduction in download bandwidth might be due to other factors but 550 Mbps was sufficient for my use cases so I stopped testing it further.
 

diff --git a/optimal_mtu.md b/optimal_mtu.md
@@ -1,5 +1,7 @@
 ### About
-I faced bandwidth issues when trying to connect from a WG Peer to a WG server. Download bandwidth was reduced significantly and upload bandwidth was practically non existent. I followed [this tutorial](https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04) to setup my Wireguard configurations. I found a few reddit posts that said that we need to choose the right MTU. So I wrote a script to find an optimal MTU. Ideally I would have liked to have run all possible MTU configurations for both WG Server and WG Peer but for simplicity I choose to fix the WG Server to the original 1420 MTU and tried all MTUs from 1280 to 1500 for the WG Peer.
+* I faced bandwidth issues between a WG Peer and a WG server. Download bandwidth when downloading from WG Server to WG peer was reduced significantly and upload bandwidth was practically non existent.
+* I found a few reddit posts that said that we need to choose the right MTU. So I wrote a script to find an optimal MTU.
+* Ideally I would have liked to have run all possible MTU configurations for both WG Server and WG Peer but for simplicity I choose to fix the WG Server to the original 1420 MTU and tried all MTUs from 1280 to 1500 for the WG Peer.
 
 ### Testing
 * On WG server, I started an `iperf3` server
@@ -17,6 +19,8 @@ I faced bandwidth issues when trying to connect from a WG Peer to a WG server. D
 * WG Peer is a PC running Ubuntu 20.04 locally at home.
 
 ### Config
+I followed [this tutorial](https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04) to setup my Wireguard configurations.
+
 WG-server
 ```
 # /etc/wireguard/wg0.conf
@@ -56,4 +60,4 @@ PersistentKeepalive = 5
 * I found that that MTU 1384 on the WG peer with 1420 on the WG server seems to almost have the best bandwidth.
 * For WG Peer MTU 1384, the max upload bandwidth of 50Mbps of my ISP connection is achieved but I was only able to hit 550 Mbps for the download bandwidth where the max download bandwidth of my ISP connection is 1000 Mbps. This reduction in download bandwidth might be due to other factors but 550 Mbps was sufficient for my use cases so I stopped testing it further.
 
-In case any one has any explanations for this behavior or have found some mistakes in my configurations or tests, please let me know.
+In case any one has any explanations for this behavior or have found some mistakes in my configurations or tests, please let me know.
diff --git a/optimal_mtu.md b/optimal_mtu.md
@@ -54,6 +54,6 @@ PersistentKeepalive = 5
 ### Conclusions
 * As you can see in the image `peer_mtu_vs_bandwidth.png`, the original MTU settings for 1420 both peer and server gives abysmal bandwdith.
 * I found that that MTU 1384 on the WG peer with 1420 on the WG server seems to almost have the best bandwidth.
-* For MTU 1384, the max upload bandwidth of 50Mbps for my ISP connection is achieved but I was only able to hit 550 Mbps for the download bandwidth where the max download bandwidth for my ISP connection is 1000 Mbps. This reduction in download bandwidth might be due to other factors but 550 Mbps was sufficient for my use cases so I stopped testing it further.
+* For WG Peer MTU 1384, the max upload bandwidth of 50Mbps of my ISP connection is achieved but I was only able to hit 550 Mbps for the download bandwidth where the max download bandwidth of my ISP connection is 1000 Mbps. This reduction in download bandwidth might be due to other factors but 550 Mbps was sufficient for my use cases so I stopped testing it further.
 
 In case any one has any explanations for this behavior or have found some mistakes in my configurations or tests, please let me know.
diff --git a/optimal_mtu.md b/optimal_mtu.md
@@ -1,5 +1,5 @@
 ### About
-I faced bandwidth issues when trying to connect from a WG Peer to a WG server. Download bandwidth was reduced significantly and upload bandwidth was practically non existent. I followed [this tutorial](https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04) to setup my Wireguard configurations.
+I faced bandwidth issues when trying to connect from a WG Peer to a WG server. Download bandwidth was reduced significantly and upload bandwidth was practically non existent. I followed [this tutorial](https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04) to setup my Wireguard configurations. I found a few reddit posts that said that we need to choose the right MTU. So I wrote a script to find an optimal MTU. Ideally I would have liked to have run all possible MTU configurations for both WG Server and WG Peer but for simplicity I choose to fix the WG Server to the original 1420 MTU and tried all MTUs from 1280 to 1500 for the WG Peer.
 
 ### Testing
 * On WG server, I started an `iperf3` server
@@ -50,3 +50,10 @@ AllowedIPs = 172.123.0.0/24, 10.1.0.0/24
 Endpoint = Y.Y.Y.Y:51820
 PersistentKeepalive = 5
 ```
+
+### Conclusions
+* As you can see in the image `peer_mtu_vs_bandwidth.png`, the original MTU settings for 1420 both peer and server gives abysmal bandwdith.
+* I found that that MTU 1384 on the WG peer with 1420 on the WG server seems to almost have the best bandwidth.
+* For MTU 1384, the max upload bandwidth of 50Mbps for my ISP connection is achieved but I was only able to hit 550 Mbps for the download bandwidth where the max download bandwidth for my ISP connection is 1000 Mbps. This reduction in download bandwidth might be due to other factors but 550 Mbps was sufficient for my use cases so I stopped testing it further.
+
+In case any one has any explanations for this behavior or have found some mistakes in my configurations or tests, please let me know.
diff --git a/optimal_mtu.md b/optimal_mtu.md
@@ -0,0 +1,52 @@
+### About
+I faced bandwidth issues when trying to connect from a WG Peer to a WG server. Download bandwidth was reduced significantly and upload bandwidth was practically non existent. I followed [this tutorial](https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04) to setup my Wireguard configurations.
+
+### Testing
+* On WG server, I started an `iperf3` server
+* On WG peer, I wrote a script that does the following:
+    * `wg-quick down wg0`
+    * Edit MTU in the `/etc/wireguard/wg0.conf` file
+    * `wg-quick up wg0`
+    * `iperf3 -c 172.123.0.1 -J -t 5 -i 5`
+        * This runs an `iperf3` client that connects to `172.123.0.1` which is the WG Server gateway
+        * The `iperf3` client runs for 5 seconds and stops and dumps a JSON output
+
+### Setup
+* Max bandwidth provided by my ISP (1000Mbps Download, 50Mbps Upload)
+* WG Server is a VPS running Ubuntu 20.04 on a cloud provider.
+* WG Peer is a PC running Ubuntu 20.04 locally at home.
+
+### Config
+WG-server
+```
+# /etc/wireguard/wg0.conf
+[Interface]
+Address = 172.123.0.1/24
+MTU = 1420
+SaveConfig = true
+PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; iptables -t nat -A POSTROUTING -o ens10 -j MASQUERADE; ip6tables -t nat -A POSTROUTING -o ens10 -j MASQUERADE
+PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; iptables -t nat -D POSTROUTING -o ens10 -j MASQUERADE; ip6tables -t nat -D POSTROUTING -o ens10 -j MASQUERADE
+ListenPort = 51820
+PrivateKey = xxxxxxxxxxxxxxxxxx
+
+[Peer]
+PublicKey = xxxxxxxxxxxxxxxxxx
+AllowedIPs = 172.123.0.2/32
+Endpoint = X.X.X.X:61426
+```
+
+WG-peer
+```
+# /etc/wireguard/wg0.conf
+[Interface]
+PrivateKey = xxxxxxxxxxxxxxxxxx
+ListenPort = 51820
+Address = 172.123.0.2/24
+MTU = 1384
+
+[Peer]
+PublicKey = xxxxxxxxxxxxxxxxxx
+AllowedIPs = 172.123.0.0/24, 10.1.0.0/24
+Endpoint = Y.Y.Y.Y:51820
+PersistentKeepalive = 5
+```
diff --git a/peer_mtu_vs_bandwidth.png b/peer_mtu_vs_bandwidth.png
diff --git a/wireguard_peer_mtu.csv b/wireguard_peer_mtu.csv
@@ -0,0 +1,222 @@
+MTU_server,MTU_peer,upload_rcv_mbps,upload_send_mbps,download_rcv_mbps,download_send_mbps
+1420,1280,9.779,10.085,363.282,367.822
+1420,1281,10.037,10.221,365.3,367.071
+1420,1282,11.266,11.709,304.065,309.068
+1420,1283,16.128,16.773,436.708,440.421
+1420,1284,9.085,9.32,439.456,442.93
+1420,1285,14.175,14.784,405.159,409.575
+1420,1286,15.324,17.204,461.383,464.782
+1420,1287,9.089,10.135,393.274,396.265
+1420,1288,13.843,14.456,417.028,420.83
+1420,1289,8.903,9.154,365.598,368.779
+1420,1290,9.465,9.741,374.178,377.272
+1420,1291,13.716,14.789,513.172,516.836
+1420,1292,11.127,11.686,449.897,452.991
+1420,1293,17.062,17.937,373.172,375.754
+1420,1294,8.913,9.336,506.806,508.484
+1420,1295,11.947,12.288,409.137,412.493
+1420,1296,8.825,9.102,439.877,442.88
+1420,1297,9.073,9.256,384.711,388.869
+1420,1298,19.563,21.517,456.428,460.047
+1420,1299,8.732,8.942,412.162,415.124
+1420,1300,11.78,13.12,458.38,460.836
+1420,1301,13.143,13.835,345.283,348.746
+1420,1302,17.922,18.753,405.418,409.175
+1420,1303,13.009,14.061,393.397,397.085
+1420,1304,14.858,16.404,550.447,552.679
+1420,1305,10.502,10.884,377.632,381.924
+1420,1306,8.892,9.62,391.268,394.983
+1420,1307,11.758,12.459,430.463,434.699
+1420,1308,12.74,13.193,478.767,481.101
+1420,1309,8.037,8.403,376.72,380.583
+1420,1310,10.473,11.855,497.612,500.3
+1420,1311,10.782,11.032,411.316,415.38
+1420,1312,18.371,20.796,411.914,415.025
+1420,1313,8.627,8.813,380.383,384.415
+1420,1314,10.49,10.996,413.854,416.949
+1420,1315,15.525,17.196,517.402,519.832
+1420,1316,11.548,12.51,426.626,431.252
+1420,1317,20.41,22.89,374.859,378.885
+1420,1318,11.807,12.317,410.784,414.048
+1420,1319,17.487,18.05,386.323,390.693
+1420,1320,19.413,21.036,451.24,453.66
+1420,1321,40.135,42.82,455.563,459.274
+1420,1322,44.686,47.313,433.582,436.076
+1420,1323,43.2,45.824,422.772,426.286
+1420,1324,41.241,43.648,412.187,415.485
+1420,1325,40.672,43.91,504.611,509.149
+1420,1326,39.525,42.257,433.56,437.778
+1420,1327,42.659,45.424,518.56,521.709
+1420,1328,40.767,43.171,451.313,455.999
+1420,1329,44.862,47.07,541.91,544.553
+1420,1330,42.012,45.087,446.963,450.593
+1420,1331,42.473,45.097,491.676,495.083
+1420,1332,43.203,46.347,485.328,489.416
+1420,1333,43.597,46.58,376.498,381.03
+1420,1334,45.479,47.653,499.392,502.72
+1420,1335,42.135,44.841,507.46,510.794
+1420,1336,45.487,48.443,439.534,443.768
+1420,1337,41.627,44.141,438.988,442.439
+1420,1338,45.14,48.169,512.471,515.087
+1420,1339,44.749,47.02,507.913,510.595
+1420,1340,43.1,46.089,510.18,513.517
+1420,1341,44.901,48.07,428.675,432.339
+1420,1342,37.157,39.991,554.82,557.78
+1420,1343,36.424,38.485,382.8,386.083
+1420,1344,40.27,43.063,434.334,438.187
+1420,1345,40.031,42.848,428.99,432.84
+1420,1346,36.87,39.092,375.337,378.224
+1420,1347,39.407,41.866,468.454,470.649
+1420,1348,38.104,40.695,438.86,443.512
+1420,1349,44.343,46.408,457.244,461.109
+1420,1350,41.43,43.773,439.033,442.085
+1420,1351,44.566,46.729,486.283,490.222
+1420,1352,43.826,46.653,411.147,415.675
+1420,1353,37.991,41.169,462.502,466.677
+1420,1354,44.502,47.079,457.439,461.368
+1420,1355,42.396,45.164,389.4,392.718
+1420,1356,38.012,40.918,419.988,423.808
+1420,1357,41.4,44.477,485.799,490.087
+1420,1358,42.438,44.904,545.914,549.605
+1420,1359,42.562,45.459,447.518,450.806
+1420,1360,45.411,47.928,393.015,396.515
+1420,1361,43.693,45.798,476.769,479.518
+1420,1362,41.835,44.81,420.56,423.304
+1420,1363,41.241,44.067,469.51,474.006
+1420,1364,47.234,50.056,416.02,419.452
+1420,1365,46.766,49.922,522.7,526.512
+1420,1366,42.228,44.471,469.826,473.419
+1420,1367,45.386,48.233,481.835,484.83
+1420,1368,40.473,43.29,394.326,397.456
+1420,1369,45.624,47.933,421.451,424.758
+1420,1370,45.554,47.232,426.004,429.556
+1420,1371,45.72,48.316,505.968,509.855
+1420,1372,40.715,43.042,463.434,466.39
+1420,1373,44.388,46.817,394.342,399.014
+1420,1374,44.234,47.081,414.499,417.601
+1420,1375,44.987,47.772,511.849,515.524
+1420,1376,43.949,46.898,413.523,417.787
+1420,1377,42.328,44.548,564.274,567.8
+1420,1378,39.379,41.955,489.432,493.637
+1420,1379,42.114,44.552,517.783,520.464
+1420,1380,40.725,43.098,456.699,459.31
+1420,1381,42.542,45.402,523.891,526.872
+1420,1382,42.395,44.906,514.792,518.786
+1420,1383,45.63,48.434,482.853,485.493
+1420,1384,45.023,47.23,514.259,517.485
+1420,1385,43.41,45.675,443.337,446.342
+1420,1386,38.452,40.952,496.755,500.859
+1420,1387,41.681,43.994,582.79,586.792
+1420,1388,43.156,45.636,517.781,521.409
+1420,1389,41.981,44.336,478.165,481.941
+1420,1390,43.159,45.298,533.484,536.138
+1420,1391,41.629,44.981,411.492,415.005
+1420,1392,45.42,47.612,400.268,403.638
+1420,1393,44.537,47.562,91.884,93.101
+1420,1394,47.322,50.432,74.137,75.698
+1420,1395,47.792,50.713,124.13,126.563
+1420,1396,44.564,47.602,171.668,175.504
+1420,1397,42.817,45.856,70.946,72.115
+1420,1398,43.047,46.05,146.641,151.438
+1420,1399,47.634,50.21,138.423,143.805
+1420,1400,47.693,50.47,124.784,130.186
+1420,1401,0.002,0.112,110.135,111.815
+1420,1402,0.002,0.112,123.79,126.142
+1420,1403,0.002,0.112,103.124,105.616
+1420,1404,0,0.112,86.977,88.483
+1420,1405,0.002,0.112,97.243,99.735
+1420,1406,0.002,0.113,144.839,148.922
+1420,1407,0.002,0.113,157.802,160.497
+1420,1408,0.002,0.113,64.273,65.018
+1420,1409,0,0.113,128.295,131.228
+1420,1410,0.002,0.113,62.276,63.044
+1420,1411,0.002,0.113,109.99,111.325
+1420,1412,0.002,0.113,102.435,106.584
+1420,1413,0,0.113,79.216,80.371
+1420,1414,0.002,0.113,100.332,102.214
+1420,1415,0.002,0.113,114.64,116.9
+1420,1416,0.002,0.113,160.194,163.28
+1420,1417,0.002,0.113,128.546,131.178
+1420,1418,0,0.114,106.562,108.683
+1420,1419,0.002,0.114,228.267,231.989
+1420,1420,0.002,0.114,100.311,102.456
+1420,1421,0.002,0.114,68.612,69.437
+1420,1422,0,0.114,222.877,227.281
+1420,1423,0,0.114,114.47,116.175
+1420,1424,0.002,0.114,87.183,88.719
+1420,1425,0.002,0.114,111.124,115.439
+1420,1426,0.002,0.114,136.311,139.502
+1420,1427,0,0.114,123.442,126.936
+1420,1428,0,0.114,146.415,151.041
+1420,1429,0.002,0.114,140.015,144.193
+1420,1430,0.002,0.114,137.163,141.625
+1420,1431,0,0.114,101.918,104.045
+1420,1432,0.002,0.114,109.205,111.651
+1420,1433,0.002,0.114,102.198,104.472
+1420,1434,0.002,0.114,94.156,96.912
+1420,1435,0,0.114,274.923,278.557
+1420,1436,0,0.114,89.887,91.313
+1420,1437,0.002,0.114,89.854,90.785
+1420,1438,0.002,0.114,149.419,154.718
+1420,1439,0,0.114,162.98,168.52
+1420,1440,0,0.114,129.754,131.415
+1420,1441,0.002,0.114,136.865,138.569
+1420,1442,0.002,0.114,95.295,97.197
+1420,1443,0.002,0.114,150.988,154.865
+1420,1444,0,0.114,79.417,81.118
+1420,1445,0.002,0.114,134.379,136.362
+1420,1446,0.002,0.114,72.408,73.436
+1420,1447,0.002,0.114,134.539,137.73
+1420,1448,0,0.114,121.354,123.645
+1420,1449,0.002,0.114,69.386,72.186
+1420,1450,0.002,0.114,155.168,160.252
+1420,1451,0.002,0.114,95.625,98.829
+1420,1452,0,0.114,154.402,158.912
+1420,1453,0.002,0.114,77.676,81.093
+1420,1454,0,0.114,151.933,155.661
+1420,1455,0.002,0.114,127.309,132.258
+1420,1456,0.002,0.114,148.996,153.324
+1420,1457,0.002,0.114,92.367,95.644
+1420,1458,0.002,0.114,144.232,148.894
+1420,1459,0.002,0.114,77.765,80.336
+1420,1460,0.002,0.114,133.286,138.711
+1420,1461,0,0.114,129.757,135.053
+1420,1462,0.002,0.114,203.826,209.096
+1420,1463,0.002,0.114,71.752,74.063
+1420,1464,0.002,0.114,159.222,164.221
+1420,1465,0,0.114,119.811,124.256
+1420,1466,0,0.114,105.249,110.749
+1420,1467,0.002,0.114,60.189,62.376
+1420,1468,0.002,0.114,213.514,217.745
+1420,1469,0,0.114,64.601,66.069
+1420,1470,0.002,0.114,138.102,142.246
+1420,1471,0,0.114,148.872,152.626
+1420,1472,0.002,0.114,212.529,216.044
+1420,1473,0.002,0.114,104.654,108.83
+1420,1474,0,0.114,137.298,142.16
+1420,1475,0.002,0.114,93.042,96.909
+1420,1476,0.002,0.114,150.276,154.835
+1420,1477,0.002,0.114,80.563,85.272
+1420,1478,0,0.114,114.828,119.55
+1420,1479,0.002,0.114,65.511,67.377
+1420,1480,0.002,0.114,141.206,146.038
+1420,1481,0.002,0.114,210.533,215.735
+1420,1482,0.002,0.114,133.742,138.278
+1420,1483,0,0.114,127.18,130.657
+1420,1484,0.002,0.114,169.513,174.231
+1420,1485,0.002,0.114,155.057,158.817
+1420,1486,0.002,0.114,112.984,117.463
+1420,1487,0,0.114,122.723,127.679
+1420,1488,0,0.114,127.9,132.621
+1420,1489,0.002,0.114,131.65,136.616
+1420,1490,0.002,0.114,60.408,62.315
+1420,1491,0.002,0.114,107.486,111.7
+1420,1492,0,0.114,113.105,116.995
+1420,1493,0.002,0.114,161.789,167.387
+1420,1494,0.002,0.114,87.811,90.931
+1420,1495,0.002,0.114,96.189,99.908
+1420,1496,0,0.114,83.761,86.526
+1420,1497,0,0.114,80.308,82.488
+1420,1498,0.002,0.114,124.105,128.196
+1420,1499,0.002,0.114,120.256,124.763
+1420,1500,0,0.114,184.46,189.222