Today I did a short test of running WireGuard on my ASUS RT-AC86U test router, following the instructions I found in the Smallnetbuilder forum. After 2 hours it finally worked with small changes which I made to the config. After I was finished with playing around I did some speed tests to compare it’s current state with OpenVPN. The result is already amazing, and this for something which isn’t even in his final form! Whoho like a Dragon which is waiting to get unleashed!
Note that WireGuard is still experimental and is therefore not ready for production.
PrivateKey = <your key here>
Address = 10.0.59.<or same IP which you allowed in server config>/32
= <your pub key>
Endpoint = <external server ip>:51820
AllowedIPs = 10.0.5.1/24
Installation and Tech stuff
The packages can be found here. Except for Windows and MacOS everything is already in the repo waiting to be tested.
- Test Router: ASUS RT-AC86U
- Firmware: Merlin 384.5
- VPN Provider: AzireVPN (test – because atm only AVPN and Mullvad supporting WireGuard)
- Speed Test Server: Stockholm
As you can see below, the speed test results are over 400 Mbit/s both downlink and uplink. My regular ISP speed is currently around 950 / 950 Mbps.
At the same time, while testing the max speed over Speedtest.net, the router CPU was working up to 100%, using both cores simultaneously. Something which isn’t possible when using OpenVPN on your router.
The end result looks good so far one of the reasons OpenVPN gets outperformed by WireGuard is the fact that it can use multi-cores which benefits dual-quad core CPUs – something OpenVPN can’t.
Everything looks good but what are the odds?
I think that it will be more than challenging for WireGuard to take over the VPN world. IPsec works virtually everywhere without any additional software. OpenVPN is easier to setup and has many mature clients for every platform, so if you require custom software, why would anyone choose something new? When you have proven and popular OpenVPN! As I prooved WireGuard has some advantages – in our case the speed and efficient, but I’m overall still a bit skeptical. That said, IPsec is astonishingly hard to setup and diagnose.
Time will tell if it’s reliable.
Hoping for more VPN providers to implement WireGuard soon and to get a look into the final version to come to a final conclusion.
I like to thank AzireVPN to provide me with a full account in order to some quick tests.
- WireGuard privacy enhancements (azirevpn.com)
- Will PIA implement Wireguard VPN when finalized? (privateinternetaccess.com)
- FLOSS WEEKLY 468 – WireGuard (twit.tv)
- Wireguard Build Status (wireguard.com)
- INSTALLING WIREGUARD, THE MODERN VPN (research.kudelskisecurity.com)
- Connecting to Mullvad with WireGuard on Android (andschwa.com)
- Wireguard:the new cryptotunnel? (airvpn.org)