There’s been a lot of posts here about folks who upgrade to Windows 11 and have poor network performance when using VPN clients such as Cisco AnyConnect. If you are experiencing this, look at the Windows Update preview KB5028245.
There has been a long-standing code defect in Windows 11 that results in poor network connectivity on some certain network types, including Eero mesh (non-guest) networks. This fixes the problem.
To quote:
“This update addresses an issue that affects virtual private networks (VPN). There might be excessive Address Resolution Protocol (ARP) requests to the network gateway. This occurs when the VPN is on a wireless mesh network that uses an aggressive throttling algorithm. Because of this, network performance is poor.”
Thank you for posting this. I have been having this exact problem with my work VPN on my Win11 laptop when working from home (connected to eero 6+). I’m downloading this update now to give it a try.
What symptoms were you seeing? Was it just low speeds, or was it latency and disconnects? I’ve got the update pending right now, I would like to do before and after testing.
You’re welcome, I’d love to hear your results. I’m also curious what VPN your work uses, if you can share.
I’ve been working on this since late last year (a MS customer who pushed hard to get it understood and then fixed), and now that the patch is coming out from MS on it I wanted to spread the word as it’s been affecting quite a few folks apparently.
The main thing users notice is outbound traffic fails for a moment, so things like a Teams call will have outbound audio and video problems while inbound seems fine. VPN tunnels may drop as the heartbeat fails, and overall performance issues.
This happens because the client loses the arp table entry for the default gateway. You can see this if you have arp -a running every second or so while the problem happens, the default GW entry will be missing.
And THIS happens in Eero networks because Windows ARPs for the GW over and over, the Eero stops responding for a moment (throttling) because the rate of ARP requests is too high, resulting in the client having no L2 path to the GW.
You can see the rapid ARPing in a network capture.
(Note, this is all on the physical NIC, not the virtual/VPN one. And also, this doesn’t happen on Eero guest networks because the guest isn’t a mesh and thus isn’t subject to the rate limiting mentioned above.)
Been using it now for a few days. General performance does seem better - lower latency and lags. There is one problem that has not been completely solved yet… 1. I open Windows Explorer, go to a powerpoint file on our company server, and double-click to open it. 2. After the powerpoint file opens fully, I just scroll through a few slides and close it, not saving any changes. 3. At that point, the Windows Explorer window will freeze (lock-up with the hour glass showing) for something like 5 seconds. I wouldn’t expect it to lock-up at all, since I wasn’t saving any changes when I closed the powerpoint file. Overall, things seem better, but this one problem persists.
I looked in my VPN settings, and I cannot tell what VPN we are using. Is there a way to determine this as a User within Win11?
That’s a real hard question for me to answer. Normally the VPN client is something you run. Or that you’d see running or occasionally interact with. Can you see what programs are running?
That other problem… That’s so many layers above this it’s hard to say. Random pause of a file opened from a remote server. That’s (literally/unfortunately) like four layers up the stack from this.