Can I replace WARP on VPS?

Posted on

If you’re new member of our community, you might have noticed, that almost always WARP is going to be suggested, when someone asks why he can’t reach some resource.

Very rarely, but question mentioned in title appear – may be there’s something else? Probably, something better?

Small offtop: why WARP?

Just like Ubuntu is a quite good suggestion for newbies in Linux world, WARP is something similar for newbies in IPv6-only world.

There are bunch of installers in Github, which will do all the thing by single command, which is finally more user-friendly anyway. Some of such installers:

Also not a single-command variant, but the tool which is base for all installers above –  https://github.com/ViRb3/wgcf. WGCF actually just generates a Wireguard VPN config to connect to Cloudflare WARP, and WARP installers above are turning this process into automated and sometimes bringing some additional functionality.

Important: none of these installers and/or tools were developed by Hax.

What about replacement?

Now coming back to topic: in general you can try to replace WARP with any other VPN of your choice. The main thing to remember at this step is thay you using IPv6-only VPS. And this nuance breaks many possible alternatives.

Community suggestions:

Nothing yet suggested.

At the moment, there’s nothing to suggest – service provides IPv6-only machines, so the search for WARP alternatives, DNS64 services and etc. is not the task of the service, but a task for user (if he wish to, of course).

If you’re going to start searching, please pay attention at some nuances:

1. Linux support

This is quite obvious criteria of course – if target service doesn’t have Linux client – you most likely can skip this one.

The only thing to note – some services don’t have any clients at all, they just provide you OpenVPN, or Wireguard (rarely something else) client config, which you can use. Yes, such services most likely specify that they support all necessary platforms, but anyway – even if Linux support is not specified, but service just gives you VPN config – service is potentialy usable. We will talk about it in

In this case service is suitable for further analyze.

2. IPv6 Support

Just like a large part of internet today, most VPN services supports only for IPv4 networks. They don’t give you IPv6 as well as don’t listen for connections on IPv6 interfaces. May be even don’t have them.

Please check the VPN service website carefuly – IPv6 support may be mentioned as a feature for example. If you didn’t found anything, you can try to reach their support with your question.

If you received general response like “Yes, IPv6 is supported at our service” without details, then check their webiste (probably they has so called “Knowledge Base” or wiki) – may be there’s clarified which kind of support they do provide. You need to know if you will be able to connect from IPv6 network.

If there’s support for IPv6 clients – that’s cool, service may be usefull.

3. Built-in firewall

Another one thing that you need to pay attention to is if VPN client contain any built-in firewall functionality. It is quite important thing, because if you won’t notice it before testing, it may break your connectivity and you won’t have any other way to get VPS usable, except OS reinstallation ¯\_(ツ)_/¯ To be fair, it would be nice if you can checkout your target service at any other platform they support (on your laptop or phone) to see if such feature exist and if the way to disable it visible for you.

4. Testing

First of all, before any tests do backup of necessary files, services and etc. from your VPS. If you will lose connectivity to VPS due to any reason like firewall, or bug (or anything else) while testing, the only way for you will be reinstall OS. This will mean losing all files and services which you run there.

If you’re going to test service at OpenVZ server, please remember that VPN services require TUN module to be enabled at your VPS.

See also  How to check your vps's virtualization
See also  How to enable TUN/TAP on VPS

If you have a laptop, and familiar with virtual machines, you can even try to use any Linux OS with Live-mode, to test selected VPN in the most realistic environment. Just for info – VirtualBox, QEMU, VMware and etc will most likely provide you a KVM environment (this mentioned just because in KVM your OS will have access to TUN module out of the box)

Final suggestion: please checkout all info carefuly. Remember, you have just 5 OS reinstallations per month!

Small lifehack with VPN configs

If you got any VPN config (for OpenVPN, Wireguard and etc), then most likely you will be able to use it, but may be with some limitations. These configs will contain VPN endpoint as IP address or domain.

Check if this domain has IPv6 address as well – use nslookup vpn-endpoint-domain-here from “dnsutils” package. If it does – you’re good to go.

If it doesn’t – you can do manual translation from IPv4 to IPv6 as mentioned in our DNS64 guide, update your configs and get connection over DNS64+VPN itself.

See also  DNS64: Why is it good, but not always help

Well, it’s important to understand, that any VPN may reduce your internet connection speed. DNS64 will be another layer there, which will cause even more lower speed than with usage of just VPN. Due to that, we suggest to user DNS64+VPN only as a last resort, or if you don’t want to use WARP anymore and don’t care about speed.

In example, combination of Trex DNS64 with WARP gives speed around 10-20 mbps, however pure WARP gives up to 100 mbps. Since this article quite long, example with Trex+WARP will be posted in another article later.

Conclusion

Finally, if you found any good service, which can completely replace Cloudflare WARP – congratulations!

If you want to share your findings, feel free to write in our community about it, explaining nuances you’ve faced with. If it will be considered as a good alternative, it most likely will appear here.