VPN suggestions for circumventing NAT
-
I'm in a university dorm, and the university is nice enough to not block any websites but does have a completely locked down NAT policy. I spent a decent amount of money on a Switch so I could play Smash Bros online, and guess what type of connectivity it needs. So, I need a VPN. Specifically, I want a VPN that is very very fast, and I don't need one that offers multiple simultaneous connections, and I don't need privacy-oriented shit like endpoints in other countries. Basically I just want the cheapest option that's still very very fast. Anyone got any recommendations?
-
You didn't say if you wanted a packaged solution, if you don't mind rolling one yourself then running a VPN endpoint on a VPS you rent should be exactly what you want. You then have a bonus then of having a full VPS available for additionally hosting your own domains/email etc...
I'd recommend CentOS with OpenVPN. Because you need to provide services to the Switch, you will have to run a VPN client on a device. Netgear have routers that support OpenVPN.
Edit:
-
@Cursorkeys
I don't have a spare box to run an endpoint on. I want a hosted service and don't mind paying for it.I don't need a router because Windows has hotspot functionality so I'd just hotspot the VPN connection to the Switch.e: oh, you said VPS. Wasn't paying attention. Still, though, VPSes are a good bit more expensive than hosted VPNs. You linked me a site that said $13.75 a month; at $12 a month I have a dozen choices for things with more features than I need. And that's without an extended contract; most of the time it comes down to four to five bucks a month total.
-
@pie_flavor said in VPN suggestions for circumventing NAT:
I don't need a router because Windows has hotspot functionality so I'd just hotspot the VPN connection to the Switch.
TIL! That might come in handy sometime.
Sorry, I've not used any of the commercial services to give a recommendation. My brother uses NordVPN though and seems to be happy.
-
Additional clarifier: I don't need a package over four months. After this semester I'm living off-campus.
-
@pie_flavor I'm not really into VPNs or VPSs but I found this cheap hosting for $5/month, the support person claims you can terminate it at any time.
-
@Gąska The 'blindingly fast' aspect is pretty important, though.
-
@pie_flavor it'll be as fast as going through one more intermediate server can be. Almost definitely faster than what VPN companies offer.
-
@Gąska the guide is out of date and none of the instructions work. Hooray.
-
If you're considering rolling your own for this then Amazon EC2 will give you 750 free hours per month on a Linux or Windows t2.Micro server for a year.
-
@loopback0 does EC2 have good pings? I'd imagine classic VPS has better pings than cloud.
-
@loopback0 I've already bought the server from Hostwinds; tomorrow when my downloads have finished I'll try it out. If I don't like it I can get a refund.
-
@Gąska said in VPN suggestions for circumventing NAT:
I'd imagine classic VPS has better pings than cloud.
Based on what?
How does one being "cloud" and one "classic" mean one is inherently better or worse?ubuntu@redacted:~$ ping -c 10 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=4 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=5 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=6 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=7 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=8 ttl=109 time=10.5 ms 64 bytes from 8.8.8.8: icmp_seq=9 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=10 ttl=109 time=10.5 ms --- 8.8.8.8 ping statistics --- 10 packets transmitted, 10 received, 0% packet loss, time 9014ms rtt min/avg/max/mdev = 10.409/10.457/10.520/0.032 ms
-
@loopback0 said in VPN suggestions for circumventing NAT:
@Gąska said in VPN suggestions for circumventing NAT:
I'd imagine classic VPS has better pings than cloud.
Based on what?
Based on it being far easier to determine which physical computer actually has to process your request. Clouds usually aren't used for hard real time workloads, so I think they wouldn't be very optimized for hard real time workload. Even sacrifice some of its fitness for hard real time to be better in other, more typical workloads.
No indirection is almost always faster than indirection, and VPS usually has very little indirection. Clouds, on the other hand, are complicated beings made of thousands if not millions of physical machines, with topology that's most likely top secret. Intuition says latency will be the same or better for VPS in every case, unless VPS provider (or their ISP) seriously fucked something up.
ubuntu@redacted:~$ ping -c 10 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=4 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=5 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=6 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=7 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=8 ttl=109 time=10.5 ms 64 bytes from 8.8.8.8: icmp_seq=9 ttl=109 time=10.4 ms 64 bytes from 8.8.8.8: icmp_seq=10 ttl=109 time=10.5 ms --- 8.8.8.8 ping statistics --- 10 packets transmitted, 10 received, 0% packet loss, time 9014ms rtt min/avg/max/mdev = 10.409/10.457/10.520/0.032 ms
Congratulations, you've just showed that a service that half the world depends on it having very short response time, and Google has presumably done everything in their power to make sure it has very short response time, has very short response time! But how's that related to cloud?
-
@Gąska said in VPN suggestions for circumventing NAT:
Clouds usually aren't used for hard real time workloads, so I think they wouldn't be very optimized for hard real time workload.
Massive understatement there! Clouds pretty much rely on not being hard realtime. Or even soft realtime. Realtime requires very exact control over how much work is done at different points, so you never really run third-party code on a realtime system unless you have hardware set specially for doing just their workload and the control monitoring is done with physically separate hardware.
-
@Gąska said in VPN suggestions for circumventing NAT:
Google has presumably done everything in their power to make sure it has very short response time, has very short response time!
Yes but even with Google responding very quickly, the Amazon infrastructure needs to be able to get the response back to the originator and any slowness would still show.
-
@loopback0 said in VPN suggestions for circumventing NAT:
any slowness would still show
It would, but most tasks can tolerate HUGE amounts of slowness. It doesn't matter whether your YouTube video shows up in 20 or 200 milliseconds. But it very much does matter when your Mario makes a punch. On the other hand, it doesn't matter to the punch whether you have 1Gbps or 1Mbps connection, but it matters very much to YouTube. Different workloads, different needs, different optimizations, different preferred solutions.
-
@Gąska said in VPN suggestions for circumventing NAT:
@loopback0 does EC2 have good pings? I'd imagine classic VPS has better pings than cloud.
Seems like this would be seriously dependent on where you are and where your server lives. @pie_flavor is in the SF Bay area, so there are probably plenty of nearby options. There have probably been at least 10 datacenters built within 10 miles of my house in the last year alone. But if you end up with something on another continent or the other side of one it probably doesn't matter what type of service you have.
-
@Gąska said in VPN suggestions for circumventing NAT:
Almost definitely faster than what VPN companies offer.
I'd assume the opposite, that hosting your own thing on the cheapest VPS wouldn't be as good as an offering by a company whose core service is VPN.
-
@hungrier but the cheapest VPS doesn't go through multiple jumps and doesn't do any encryption or anonymization. VPN will be slower exactly because VPN is their core service.
-
@Gąska said in VPN suggestions for circumventing NAT:
Clouds usually aren't used for hard real time workloads, so I think they wouldn't be very optimized for hard real time workload.
Anecdotal, but we're using Azure for our gaming servers, which are somewhat real-time reliant....
-
@Gąska said in VPN suggestions for circumventing NAT:
No indirection is almost always faster than indirection, and VPS usually has very little indirection. Clouds, on the other hand, are complicated beings made of thousands if not millions of physical machines, with topology that's most likely top secret.
Y'all know that VPS just means an allocation of a VM in the cloud, right? The only difference between "the cloud" and "VPS" is that with VPS you know which virtual machine you're using.
-
@Tsaukpaetra I thought the dynamic spawning and killing of instances and storage mobility introduces non-trivial latency overhead.
-
@Gąska Only during launch. When the instances are running, they should be OK.
But that doesn't say anything about the standard deviation and jitter on the latency, which is what cares about AFAICT.
-
@Gąska said in VPN suggestions for circumventing NAT:
@Tsaukpaetra I thought the dynamic spawning and killing of instances and storage mobility introduces non-trivial latency overhead.
Sure, which happens once per instance. Unless you're architecting a solution (like us) that does this regularly, your latency of a few minutes in the entirety of the life of your VM is really quite minimal.
And the storage latency really only comes to play if you're actually using storage IO, which a VPN appliance (hopefully!) will not need a whole lot of.
-
@Gąska Managed to get OpenVPN set up and running, and can connect to it, except once connected to it I can't access the internet at all. I'm tempted to say this is more trouble than it's worth.
-
@pie_flavor can you ping from ssh?
-
@Gąska the server can ping just fine, but if I connect to it, on my end every ping times out.
-
I have a Raspberry Pi in my home, and used PiVPN to set up an OpenVPN based VPN server on it. It was a breeze to set up and works great. It should also work on any VM I suppose.
-
ExpressVPN doesn't support connection sharing. VyprVPN does but it's not working and support doesn't know why. Arrgh.
-
VyprVPN actually only supports it through hosted networks, which my network card doesn't do. Whee.