VPNs encrypt traffic to make a link safe and private, but some VPN features can slow down the connection.
What are VPNs?
A virtual private network (VPN) is a security service for the Internet that lets people connect to it as if they were on a private network. VPNs secure Internet traffic and hide what users do online.
VPN stands for virtual private network.
People use VPNs when they need more privacy and protection on the Internet. Because of this, VPNs are very popular with companies that have workers in different locations or around the world. But VPNs have a problem that comes with them: they can sometimes cause delay.
What is delay?
Latency on the Internet is the amount of time between a user’s action and the result. For example, it is the time between when a user clicks a link to see a picture and when the browser shows that image. Let’s say Bob clicks on a link and the picture takes a few seconds to load. In this case, Bob’s request is taking a long time to be processed.
What does Latency mean?
The physical distance between places where data is accessed and sent is one of the main reasons of Internet latency. When a user makes a request on the Internet, the longer it takes for the request and the answer to get there, the more latency the user will feel. For example, if Alice in California makes a request to a website whose information is on a CDN server a few miles away, the request and response will be very fast because there isn’t much distance to cover.
But if Alice sends a request to a server for a website that is in South Korea, both the request and the answer will take a lot longer. Each request and response must go through a number of routers on its way from point A to point B. This is like taking an international flight with many stops along the way. Each “hop” from one router to the next adds to the delay. Find out more about delay >>
How do VPNs cause delay to get worse?
longer travel times
VPNs can make latency worse by adding more time for requests and replies to travel. For example, Bob might work from home in Oregon and use a VPN service based in Texas to connect to his company’s network. When Bob’s computer wants to talk to a web server over the Internet, it has to send a request all the way to Texas. His VPN service will then decrypt the request and send it to the web server. The web server will then send a response back to the VPN server in Texas. The VPN will then encrypt this response and send it to Bob in Oregon.
This means that even if Bob wants to talk to a data center just a few miles from his house, his request and the answer will have to go all the way from Oregon to Texas and back. This is called the trombone effect, and it can cause a lot of delay.
The Trombone Effect load on the server
Server load can also make delay worse, and connecting to a VPN gives users a new chance to have problems with server load. Let’s say that Alice is trying to join to a VPN server at the same time as 1,000 other users, but the server can only handle 300 requests at once. The server will probably get too busy and start dropping requests or putting them in a queue, which will slow down load times for Alice and many other VPN users. This happens a lot when people use free or cheap VPN services.
Codes and keys
With a VPN, all of the user’s contact with the VPN is encrypted. The process of encryption takes time, and based on the type of encryption used, this can slow down Internet communications in a noticeable way. There is a trade-off between how strong VPN encryption is and how long it takes. Usually, the most secure encryption methods take the longest and cause the most latency. (It’s important to note that some newer encryption methods, like TLS 1.3, try to fix this by speeding up the process of encryption.)
IPsec VPN vs. SSL VPN: How They Work
IPsec, which runs on the network layer of the OSI model, and SSL (also known as TLS), which runs on the application layer, are the two most common encryption methods used by VPNs. Customers will have to decide which protocol they want when choosing a VPN service.
IPsec and SSL have very similar performance rates, but the IKEv2/IPsec system has slightly better performance because it can negotiate connections faster.
One thing to keep in mind is that SSL VPNs may work better when filters are used. Since SSL VPN traffic looks the same as normal HTTPS Internet traffic, a firewall is less likely to stop it or slow it down.
Can a VPN speed up the Internet?
Under certain conditions, VPNs can make some services run faster. ISPs sometimes “throttle,” or intentionally slow down, certain types of traffic. For example, several major ISPs have throttled streaming entertainment services like Netflix. If an ISP slows down contact with a certain service, a VPN could get around this because the ISP wouldn’t know which services the user was talking to because the VPN encrypted the traffic.
Is there something faster than a VPN?
Cloudflare Zero Trust is an identity and access management (IAM) product that tracks user access to any domain, application, or path stored on Cloudflare. It works with single sign-on (SSO) providers like Okta and Google Auth and gives managers the ability to change and personalize user permissions.
Many companies are replacing their corporate VPNs with remote access services because they are easier to use and don’t have the same latency problems as VPNs. Since Cloudflare Access uses Cloudflare’s global network, customers can expect fast service from anywhere in the world, along with a strong security solution called Zero Trust. Check out our Developer instructions to learn how to use a free version of Cloudflare Access.