I’m using a wireguard docker container to provide vpn connection to a qbittorrent container. When I compare it to wireguard on linux and the qbittorrent application, the same torrent is way slower. My server gets 2Mbit/s and my computer 15Mbit/s The 15Mbit/s is where my internet connection caps, while downloading that fast I can’t watch YT videos. They both are in the same network using the same vpn provider and same endpoint.

for qbittorrent docker-compose I use network_mode: service:wireguard

  • Guilvareux@feddit.uk
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    It depends how wireguard is implemented.

    The container may be running wireguard in userspace, instead of the OS’s kernel implementation.

  • funkajunk@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Can you please share your compose file?

    I personally use a separate container instead of another service, not sure what difference it makes

    network_mode: "container:wireguard"

    Using the lscr.io/linuxserver/wireguard:latest image btw

    • bruchsturm@discuss.tchncs.deOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      1 year ago
      services:
        wireguard:
          image: lscr.io/linuxserver/wireguard:latest
          container_name: wireguard
          cap_add:
            - NET_ADMIN
            #- SYS_MODULE #needed if wireguard kernel module gets not loaded
          environment:
            - PUID=995
            - PGID=995
            - TZ=Europe/Vienna
          volumes:
            - wireguard_config:/config
            #- /lib/modules:/lib/modules stack #needed if wireguard kernel module gets not loaded
          ports:
            - 51820:51820
            - 51820:51820/udp
            - 8113:8113 #qbt WebUI - This is not necessary with trafik, I still have it for debug reasons and it's only reachable in my local network so I think its fine
          networks:
            - net
          labels:
            - traefik.enable=true
          sysctls:
            - net.ipv4.conf.all.src_valid_mark=1
            - net.ipv6.conf.all.disable_ipv6=0
          restart: unless-stopped
      
        qbittorrent:
          image: lscr.io/linuxserver/qbittorrent:latest
          container_name: qbittorrent
          network_mode: service:wireguard
          depends_on:
            - wireguard
          environment:
            - PUID=1004
            - PGID=1004
            - UMASK=002
            - TZ=Europe/Berlin
            - WEBUI_PORT=8113
          volumes:
            - qbt_config:/config
            - torrents:/data/torrents
            - media:/data/media
          labels:
            - traefik.enable=true
            - traefik.http.services.qbt.loadbalancer.server.port=8113
            - traefik.http.routers.qbt.rule=Host(`torrent.example.com`)
            - traefik.http.routers.qbt.middlewares=https-redirect@file
            - traefik.http.routers.qbt-secure.rule=Host(`torrent.example.com`)
            - traefik.http.routers.qbt-secure.entrypoints=websecure
            - traefik.http.routers.qbt-secure.tls=true
            - traefik.http.routers.qbt-secure.service=qbt
          restart: unless-stopped
      
      • funkajunk@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        I would try it with the SYS_MODULE and /lib/modules lines uncommented. That’s how I have my container and it seems to perform just fine.

          • funkajunk@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Any reason you need the traefik label on the wireguard container? Seems unnecessary.