VPN endpoints running on VPS -- How many do you maintain yourself? (via wireguard, etc.)
Question is pretty much what the title says. I'm specifically asking about the number of endpoints that you keep available from running wireguard or whatnot on a VPS, not from a paid commercial VPN service of any sort.
Personally I have two right now, one from @crunchbits in WA and one from @Hostaris in Frankfurt, so I can cover two continents broadly, but I feel like I might need an East coast US one, another EU location that's not too close to Germany, and perhaps one in Asia. Or maybe 5 is overkill? Or maybe you are all running like 25 endpoints worldwide. Just trying to get a general idea of what everyone has set up!
Comments
Sorry man lost count, between bouncers, end points, gateways it is a couple
Free Hosting at YetiNode | Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?
I have 8 wg endpoints to access my ASN IP on BGP supported VPS's.
Around 4 on Microlxc VPS for the exotic locations IP.
Around 4 for general proxy
5 is definitely not overkill 😄
The Ultimate Speedtest Script | Get Instant Alerts on new LES/LET deals | Cheap VPS Deals
FREE KVM VPS - FreeVPS.org | FREE LXC VPS - MicroLXC
Curious what some of the more useful locations are then in your opinion!
Singapore has the closest proximity to me, so I have a couple of them there, GC (running projects) and WebHorizon NAT (solely for wg)
BGP wg points in UK/DE/NL, for accessing EU specific content. UK and NL together not required as the latency is almost similar, so maybe one in west EU, one in east.
Again, BGP points in quite a few parts of US, but I mainly use my Crunchbits (US West) one for unblocking OTT apps.
If you have idlers, I'd suggest US West+East, Central if you really want it.
EU West + East (Central not required as it's geographically smaller and better connected)
Something in Asia with minimal latency to you.
Unnecessary, but if you want connectivity across the globe, South America and Africa, you can either take Microlxc for casual browsing, or I think WebHorizon has nat in both the continents.
Got one in Germany and one in Finland. Both with ZAP Hosting Lifetime vps. Maybe I'll get one in the US at some point.
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
I stopped counting after using wg-mesh.
Up to 50-90 links per VPS, I think 60 machines right now.
My gaming machine just had one link to my RPi.
The RPI has like 15-20 wg links, does all the routing too.
Imagine I would do the routing on a windows machine, gah.
Free NAT KVM | Free NAT LXC | Bobr
What are you guys using this for?
I usually just do a WG back into my home network when travelling
The Germany and Finland one basically just for secure browsing or accessing services that are whitelisted by ip. I also have a wg server running on my router to access home network. US location would be used for streaming, but since I can't imagine ZAP Hosting giving me more than 100 Mbit/s throughput on their 500 Mbit/s shared VPS line, and my ISP only supports 250 mbit/s anyway, I figured that for just streaming any of my lifetime VPNs (Windscribe, Ivacy, VPN Unlimited..) should do.
I used to run a decentralized vpn using nebula (https://github.com/slackhq/nebula) which worked fine until I started working a lot abroad over various kinds of 4G networks (mostly tourist sim cards) where nebula broke a lot.
Nowadays I have 2500/1000 in most of my networks so I just don't bother and have my lab router as a gateway for everything (and for ipv6-pd as well, so I always get ipv6 everywhere)
Damn, wanna do something like this. Sounds lit.
Curious how it broke? My backup link at the house is 4G and I haven't seen it but then again I'm never on it more than 24h or so
Do you have specific routing rules to route traffic to certain endpoints?
The all seeing eye sees everything...
I have 3 in the US, 4 across Europe, and 1 in Japan.
Overkill? Probably...
Not yet, still to explore that.
Sounds a lot like my setup. I have somewhere around 30-40 vps's all meshed with wg. My workstation then connects to any one of these vps's and gains access to the mesh.
I've been thinking about simplifying a bit and run bgp to sort out the routing, but as of now I have an onboarding process that automatically adds a new vps to the mesh with a single command so it's just not worth it.
I did simplify wg-mesh that much too, despite using routing and OSPF.
And you're done.
It's an awesome feature to add and remove servers in a few seconds.
I have a wg-setup.sh, it creates the keys and adds the node to my icinga via api. All the other nodes run the same script via cron and will get information about the new node via the same api so within 10 minutes the mesh is updated and the new node added.
Yea, I mainly use the routing table for that.
A new node does set up the initial links after connecting via wgmesh connect, then pulls all the other nodes' internal IPs via the routing table and connects to them if a connection doesn't exist.
The API also provides external IPv4/IPv6, so it's possible to set up wireguard connections depending on supported IP protocols.
Takes about 30s to pull all routing information and then start setting up wireguard links.
There is a change detection, so as soon as a new wireguard link has been set up, the remote will reconfigure bird to add the link and use it.
Free NAT KVM | Free NAT LXC | Bobr
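An added example (not code from wg-mesh or from either poster's scripts) of the reconcile step the two posts above describe: take a node inventory, skip links that already exist, pick an endpoint by shared IP protocol, and emit `[Peer]` stanzas only for entries that pass validation. The inventory schema, node names, addresses and keys are constructed, and it assumes a static mesh in which each peer owns a single address, so `AllowedIPs` can be pinned to a /32; a mesh that routes over the links with OSPF or BGP needs wider `AllowedIPs`.

```python
import base64, ipaddress

# Constructed inventory standing in for a node-registry API response (hypothetical schema).
K1, K2 = (base64.b64encode(bytes([n]) * 32).decode() for n in (1, 2))
INVENTORY = [
    {"name": "fra1", "pubkey": K1, "mesh_ip": "10.0.0.1", "v4": "192.0.2.10", "v6": "2001:db8::10"},
    {"name": "hkg1", "pubkey": K2, "mesh_ip": "10.0.0.2", "v4": None, "v6": "2001:db8::20"},
    {"name": "bad1", "pubkey": "not-a-key", "mesh_ip": "0.0.0.0/0", "v4": "192.0.2.30", "v6": None},
]
MESH_NET = ipaddress.ip_network("10.0.0.0/24")  # assumed mesh range

def valid_pubkey(key):
    """WireGuard public keys are 32 bytes, base64-encoded."""
    try:
        return len(base64.b64decode(key, validate=True)) == 32
    except (ValueError, TypeError):
        return False

def pick_endpoint(node, have_v4, have_v6, port=51820):
    """Choose an address family both sides support, preferring IPv6."""
    for enabled, field, ver in ((have_v6, "v6", 6), (have_v4, "v4", 4)):
        try:
            addr = ipaddress.ip_address(node.get(field) or "") if enabled else None
        except ValueError:
            addr = None  # malformed address in the inventory
        if addr is not None and addr.version == ver:
            return f"[{addr}]:{port}" if ver == 6 else f"{addr}:{port}"
    return None

def missing_peers(inventory, existing_keys, self_name, have_v4=True, have_v6=False):
    """Return ([Peer] stanzas to add, names rejected by validation)."""
    stanzas, rejected = [], []
    for node in inventory:
        if node["name"] == self_name or node["pubkey"] in existing_keys:
            continue  # ourselves, or a link that already exists
        try:
            ip = ipaddress.ip_address(node["mesh_ip"])
        except ValueError:
            ip = None
        if ip is None or ip not in MESH_NET or not valid_pubkey(node["pubkey"]):
            rejected.append(node["name"])  # registry data is untrusted input
            continue
        endpoint = pick_endpoint(node, have_v4, have_v6)
        if endpoint is None:
            continue  # no shared address family with this node
        # Only parsed, re-serialised values reach the config; AllowedIPs is one /32.
        stanzas.append(f"[Peer]\nPublicKey = {node['pubkey']}\n"
                       f"Endpoint = {endpoint}\nAllowedIPs = {ip}/32\n")
    return stanzas, rejected
```

The `bad1` entry shows why the check matters: a registry record advertising `0.0.0.0/0` as its mesh address would otherwise have all traffic routed to that peer.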
I forgot I had a mostly idling lifetime dedi from Cloudcone in the US. Problem solved
I really need to make a list of services I have, or I'll forget eventually
"lifetime dedi"?!? What sorcery is that?
It was a giveaway during their 4th or 5th birthday iirc. Have been happy with them ever since.
That said, ZAP Hosting, where I have my lifetime vps, also offer lifetime dedi. There's a thread for it where someone from LES got one. Support even said they'd replace it if hw fails, so you get an adequate replacement.
See:
https://lowendspirit.com/discussion/5751/zap-hosting-lifetime-servers-discussion-updates/p5
Exactly 1 to my Colocated Server. Its purpose is access to the internal 10.0.0.0/8 network. Rest is just Keepsolid VPN that I got from stacksocial. Suits my needs pretty well.
Crunchbits Technical Support, Technical Writer, and Sales
Contact me at: +1 (509) 606-3569 or [email protected]
Got BGP Peering for wg-mesh working.
Goes via Hong Kong to Europe, since Peering is in Europe and back to Hong Kong.
Have to set up another BGP session in HK.
Did I just see you started using BGP instead/alongside of OSPF??? If that is the case, I am happy as a dog
Host-C - VPS Services Provider - AS211462
"If there is no struggle there is no progress"
Alongside, Got a Peering session up in Frankfurt and Hong Kong, in-between 2 OSPF Networks.
However, OSPF doesn't behave right now the way I expected it to behave, still have to fix that though.
I still get shitrouted via Frankfurt despite having a peering session up in Hong Kong.