All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
SoftEther VPN Setup on your VPS Machines
Hey Guys,
I've recently started messing around quite a bit with SoftEther, SoftEther if you don't know is a competitor to OpenVPN and Microsoft VPN etc that is open-source and academy-backed.
It's pretty damn powerful, i tested it on one of my LEB's to another one and i managed to max the connection without any noticable overhead (on MD5-RC4 crypto suite, performance did vary on the much harder crypto suites).
instead of paying VPN providers a ton of money for so-so service i much prefer setting up VPN's on my own, it's also argubly safer, nobody can get logs if you aren't saving any on your own server, it's also usually cheaper and your not sharing IP's with other people who may be up to no good.
I also wrote a small tutorial on how to set it up on linux clients since it's a bit painful, but they have a crazy good GUI tool for configuring server tools on windows.
Comments
yet another softether tutorial?
it is recommended to use bridged setup over secureNAT, best and probably kind of oldest tutorial is this: http://blog.lincoln.hk/blog/2013/05/17/softether-on-vps-using-local-bridge/
Why is it recommended Falzo? Bridged setup creates a lot of duplicated traffic for no reason, why not use L3 routing?...
I saw the speedtest on his site, strange, I've got it working on a 100mb/s connection tested between two LEB's and it worked just fine, he might have set it up wrong.
Also, the client on the post is Windows, did you even read the post? I haven't found any tutorials explaining how to setup the routing table properly on a linux client, it's pretty simple on windows(again, it's in the post if you'd read it next time before commenting)...
I have to admit, I only skimmed through and saw those pictures here and on your page and totally missed out the linux client part. my apologies for that!
at least I didn't post anything really offending, did I? ;-)
I do see better speeds with bridging too, but that's on a vpn connection across the ocean from a home network connection (windows involved)
and it is supposed to cause less cpu usage on the server - which may count in, if you have a lot of users on a rather small vps...
I also haven't seen traffic overhead like described on your page with bridged setup, so can't tell what may be the issue with that.
I am fine if securenat works for you, maybe I'll give it another try next time I setup softether somewhere and do speedtests for sure ;-)
probably they did improve some things in the meantime (e.g. can't remember to have seen this option for choosing the amount of tcp connections ever before) ...
I haven't checked CPU Usage, although it's the only thing on the VPS (64mb machine), i'll update the post later with that and speedtests.
Regarding the bridged setup, don't you get broadcasts/multicasts (L2 ofc) sent in the tunnel?, my datacenter network seems pretty flooded with them (i get 200/300kbps of this sort of traffic unsolicited to the port from other machines unfortunately...) and they go through the tunnel, so i guess it's a good solution for this specific use case, it will vary greatly for other configurations.
Cheers
Also i figured the persistence notes might not be enough for everyone so i added some snippets and scripts at the bottom now for setting up/shutting down on the client and confirming the routing table isn't leaky.
no, I don't see much broadcasts at all - nor on a windows box via the tunnel neither directly at my VMs. that much unwanted traffic I wouldn't like for sure...
but as said above I am not bridging linux boxes, just connecting from windows via ipsec/l2tp only, deactivated most of the other stuff.
AFAIR bridges are more likely to create loops and therefore generate broadcast storms and such, could be an related issue?
but after all as you said, it may greatly depend on use case and configuration for this - and if securenat is working nice and speedy that should be what matters :-)