OpenVPN vs Wireguard

dylightful · June 18, 2020, 1:04am

Hi All,

Looking to gather some feedback on what peoples preference when it comes to self hosted VPN solutions. I have been using OpenVPN since what feels like 1856. But since our god and savor Nyr released road warrior Wireguard, ive been contemplating switching.

What are peoples thoughts?

lmsy · June 18, 2020, 2:02am

Some ISPs don’t like UDP

Iroshan · June 18, 2020, 7:40am

For mobile, wireguard is better IMHO.
Less battery drain.
Seamless network switching, meaning no disconnect while changing from wifi to mobile and vise versa.

anon40039896 · June 18, 2020, 7:40am

Wireguard is build into the Linux kernel (from 5.6).

https://www.reddit.com/r/linux/comments/9bnowo/wireguard_benchmark_between_two_servers_with_10/

luper769 · June 18, 2020, 8:14am

But it has yet to be included in Android right? Having it built-in would be a huge plus

Iroshan · June 18, 2020, 8:52am

Yes. But wireguard Android app has a kernel module, if you have root…
Anyway, the custom kernel I use has it implemented, so can connect directly from command line in termux.

majestic · June 18, 2020, 12:17pm

While this is semi true, its not totally. As @hollyballs said that its been added into the Linux kernel since 5.6 however android has still not exactly caught up since Wireguard was added to mainsteam kernel.

This is very soon to change and likely will start seeing it with Android 11.

There is also a userspace module which has been around for sometime now which doesnt require root.

More info about Android can be seen here:

majestic · June 18, 2020, 12:24pm

For thoughs people whos intrested in an easy method of managing Wireguard, the best UI for managment ive seen is:

Myself persoanlly I use Wireguard for site to site connections via a highly customized ansible module, however still use Softether for my roadwarrior connections using L2TP/IPSEC.

The only reason for this is every built in OS under the sun supports it i.e. android, IOS, MacOS, Windows, Linux without installing any packages etc.

Nyr · June 18, 2020, 4:56pm

WireGuard is faster and simpler
OpenVPN has lots of advanced features
WireGuard is natively included in Ubuntu 20.04 and Fedora, but hackish elsewhere (for now)
OpenVPN has great clients for most operating systems. WireGuard is lacking in some
WireGuard is way more efficient in smartphones and will use less battery

I guess it depends on your use case and preferences.

TimRoo · June 18, 2020, 5:10pm

I have WireGuard installed in my router, and on a couple of raspberry pi’s, and I like it. That said, with my clients being exclusively iOS devices, there generally isn’t any speed difference from OpenVPN (and I’ve tested quite a bit). The other benefits are as others have mentioned though, so all else being equal, there’s no downside to WireGuard.

Iroshan · June 19, 2020, 11:50am

This was almost abandoned. There is community fork which is updated frequently.
But there seems to be some activity now.

majestic · June 19, 2020, 12:04pm

There is? do you know the fork off by hand?

Currently all mine is done via ansible (for wireguard) but would like a UI for roadwarrior users (in the future) so it be good to know. This will happen after major OS’s support WG out of the box kinda thing which is coming.

Iroshan · June 19, 2020, 2:35pm

I linked it.

This one also simple but works. Uses an ssh tunnel to access the UI though.

majestic · June 19, 2020, 3:20pm

Thanks.