Self-Hosted VPN Options

 

As a follow-up to my 2021 test, I wanted to compare various VPN options in regards to bandwidth speed performance. My requirements: self-hosted Linux-based server/exit node using only an IP address (Oracle Free Tier: Canonical Ubuntu 24.04 Minimal aarch64, VM.Standard.A1.Flex Virtual machine, 4 core OCPU, 24 GB memory, 4 Gbps network bandwidth) and an Android client.

________________________________________________________________________

WireGuard + dsnet

sudo su -

apt install -y nano wget wireguard

wget https://github.com/naggie/dsnet/releases/download/v0.8.1/dsnet-linux-arm64 -O /usr/local/bin/dsnet

chmod +x /usr/local/bin/dsnet

dsnet init

nano /etc/dsnetconfig.json

# Add "0.0.0.0/0" to the 'Networks' array

echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

sysctl -p

NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ")

iptables -t nat -A POSTROUTING -o $NETDEV -j MASQUERADE

iptables -A FORWARD -i wg0 -o $NETDEV -j ACCEPT

iptables -A FORWARD -i $NETDEV -o wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT   

dsnet up

dsnet add example > dsnet-example.conf

# download WireGuard app from Play Store and import dsnet-example.conf

Results:

VPN off: 590, 600, 610, 640, 570 = average 602 Mbps

VPN on: 590, 630, 560, 570, 650 = average 600 Mbps

________________________________________________________________________

Headscale + Tailscale

I couldn't get this to work with only an IP address. If you have a domain, you can follow this guide.

Warning: if you use Tailscale always run with "--no-logs-no-support", otherwise they monitor your traffic.

________________________________________________________________________

OpenConnect ocserv or AnyLink + Cisco Secure Client (AnyConnect)

I couldn't get either server solutions to work with the Cisco Secure Client 5.1.9.115 in the Play Store

________________________________________________________________________

OpenZiti

Even though their documentation says "You may skip setting EXTERNAL_DNS", the expressInstall loops forever with: "waiting for https://<Oracle instance IP address>:8441"

________________________________________________________________________

NetBird

Public domain name required

________________________________________________________________________

Outline VPN

sudo su -

echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

sysctl -p

iptables -I INPUT -j ACCEPT

SB_IMAGE=oreoluwa/shadowbox:daily sudo --preserve-env bash -c "$(wget -qO- https://raw.githubusercontent.com/EricQmore/installer/main/install_server.sh)" install_server.sh

# on desktop:

#   https://s3.amazonaws.com/outline-releases/manager/linux/stable/Outline-Manager.AppImage

#   ./Outline-Manager.AppImage --no-sandbox

#   click on "Set Up" on "Set up Outline anywhere tile

#   paste code from Oracle instance terminal

#   click on the share icon on one of the keys in the Access Keys list

#   download Outline VPN app from Play Store and paste access key into it to connect

Results:

VPN off: 610, 580, 610, 600, 590 = average 598 Mbps

VPN on: 15, 12, 15, 31, 15 = average 18 Mbps