Kinda want to keep this short. My Asus WRT router running Merlin firmware is currently handling my VPN connections & routing.

There is some part of me thinking if my providers servers go down my router may fallback to WAN, should I run an additional VPN connection on the device/server itself just in case?

It’s been about a year with this setup however this potential issue has been irking me.

Edit: Kill-switch is disabled on the router’s tunnels as it appears to be bugged in two ways. 1) any manual DNS settings get disregarded network-wide 2) it kills all network connections and not just the devices affected.

  • WeirdGoesPro@lemmy.dbzer0.comEnglish
    111·
    4 days ago

    What are you hiding? /s

    I think you could do that, but you will be further bottlenecking your bandwidth, and you will be adding an extra layer of complexity that could lead to unforeseen issues down the road.

    Personally, I would just enable the kill switch, or run the VPN client side, but not double it up with 2 VPN’s.

    • JackAttack@lemmy.dbzer0.comEnglish
      1·
      4 days ago

      Kind of seconding this, I can’t speak for VPN routers, but i recently had a leak when I thought my kill switch was on and apparently something failed (probably me).

      From now on I run both my PCs VPN as well as bind it directly to the torrent client. Same connection, just extra “kill switch” coverage.

      Of course it all depends on how you want to do things/does all traffic need to route through a vpn/etc.

  • catloaf@lemm.eeEnglish
    5·
    4 days ago

    I only run my VPN client-side so that the rest of the traffic isn’t affected.

    • GuardYaGrill@sh.itjust.worksOPEnglish
      1·
      4 days ago

      Hm, in my current state I’ve configured my router to essentially route all bandwidth to the closest server my VPN provider offers. I utilize other tunnels for bypassing censorship and or torrenting.

      So far the year has been solid, I think I’m going to keep chucking away down this path since it does reduce resources on my server.

      • MalReynolds@slrpnk.netEnglish
        1·
        3 days ago

        I run a gluetun docker (actually two, one local and one through Singapore) clientside which is generally regarded as pretty damn bulletproof kill switch wise. The arr stack etc uses this network exclusively. This means I can use foxyproxy to switch my browser up on the fly, bind things to tun0/tun1 etc, and still have direct connections as needed, it’s pretty slick.