Not sure about that. I set up a wg vpn server on a system which then became unresponsive whenever wg was fully saturating the network. Turns out there is apparently no way to throttle or prioritize a wg server, the only way I could think of would be to dedicate a vm to solely the wg vpn and throttle that vm in its networking.
I instead switched to openvpn which can simply be throttled via a line in its configuration.
Besides that missing feature, openvpn also doesn’t require figuring out the right iptables commands to verbatim paste into its config as startup and shutdown commands. Setting it up was way easier than wg (though openvpn too wasn’t exactly user-friendly).
WG to me seems too clunky and unfinished for more mainstream usage, though I am sure it wouldn’t be an issue for a large commercial user like mullvad that will have no issue with all that.
Iptables commands - that was needed at the very launch of wg, I’ve not had to deal with it for some time now.
Personal/commercial use - I’m on a completely opposite side. It’s perfect for personal use, but its lack of dhcp support makes me question its capability in a commercial setting. Many providers offer it, so clearly that’s not an insurmountable task, but I’m still curious how they sort out their backend.
Yeah, to be honest, WG out of the box is really nice for tunneling and static IP road warriors.
For larger deployments it’s a bit of a PIA without DHCP.
WG was always so much better anyway.
Well it was written to replace open VPN right? So that makes sense
Don’t let openvpn get a swelled head. Itself it was just a Bender project (“I’m gonna write vtun better; with hookers and beer!”) anyway.
Not sure about that. I set up a wg vpn server on a system which then became unresponsive whenever wg was fully saturating the network. Turns out there is apparently no way to throttle or prioritize a wg server, the only way I could think of would be to dedicate a vm to solely the wg vpn and throttle that vm in its networking.
I instead switched to openvpn which can simply be throttled via a line in its configuration.
Besides that missing feature, openvpn also doesn’t require figuring out the right iptables commands to verbatim paste into its config as startup and shutdown commands. Setting it up was way easier than wg (though openvpn too wasn’t exactly user-friendly).
WG to me seems too clunky and unfinished for more mainstream usage, though I am sure it wouldn’t be an issue for a large commercial user like mullvad that will have no issue with all that.
Regarding link saturation - have you tried tc/wondershaper? https://unix.stackexchange.com/questions/28198/how-to-limit-network-bandwidth#28203
Iptables commands - that was needed at the very launch of wg, I’ve not had to deal with it for some time now.
Personal/commercial use - I’m on a completely opposite side. It’s perfect for personal use, but its lack of dhcp support makes me question its capability in a commercial setting. Many providers offer it, so clearly that’s not an insurmountable task, but I’m still curious how they sort out their backend.
Yeah, to be honest, WG out of the box is really nice for tunneling and static IP road warriors. For larger deployments it’s a bit of a PIA without DHCP.
Sadly.
But things like Netbird make it a bit easier.