There are a variety of reasons to use a vpn. The other sites you’ve visited on this topic already cover why.
The main reason I’m adding my own version to the pile is because of ipv6 support. If your ISP gives you a ipv6 address, much (most?) of your traffic will bypass the vpn without these extra settings.
To test where your traffic is going I like to do this:
traceroute google.com traceroute -6 google.com
The first command checks where ipv4 traffic goes. The second tests ipv6. Both should go through VPN.
There’s really not much more for me to say in the post because the script is heavily commented. Even if you don’t run the script, I think the comments will be helpful to many. The comments explain why the steps are taken as well as how to know they’re successful.
There are a handful of sites out there that have helped me get a working server. It still took a couple days of effort. Perhaps this post will help you reduce your time to success. The sites:
Some of the issues I go over in the script:
- How to get an initial ipv4 openvpn server going with this excellent script not written by me.
- How to get “service openvpn restart” to actually restart openvpn.
- Kernel directives needed to forward ipv6 traffic
- Firewall directives needed to allow ip6v forwarding.
- Getting traffic to forward from the openvpn server to the outside internet.
Please leave a comment if this was helpful and/or there are bugs.
I’m not a vultr affiliate. They’re just a cheap provider that was mentioned in a couple places. I’ll note that their $2.50/month servers are “temporarily sold out”. I only found this out after giving them $10. The next level is $5/month; same as digital ocean. I like DO because their Unix posts have helped me a bunch in the past. I’m not a DO customer or affiliate either. vpscheap is likely my next try. They’re even cheaper than the $2.50. I’m not basing any kinds of business on a VPS. Just need vpn and other really minor stuff.↩