Nebula is not the fastest mesh VPN, but neither are the others

Nebula (a distributed mesh overlay network first developed at Slack) released their own network benchmarks today:<p><a href="https:&#x2F;&#x2F;www.defined.net&#x2F;blog&#x2F;nebula-is-not-the-fastest-mesh-vpn&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.defined.net&#x2F;blog&#x2F;nebula-is-not-the-fastest-mesh-...</a><p>This is in response to this oft-cited benchmark post by Netmaker:<p><a href="https:&#x2F;&#x2F;medium.com&#x2F;netmaker&#x2F;battle-of-the-vpns-which-one-is-fastest-speed-test-21ddc9cd50db" rel="nofollow">https:&#x2F;&#x2F;medium.com&#x2F;netmaker&#x2F;battle-of-the-vpns-which-one-is-...</a><p>Previous discussions on encrypted overly mesh networks here:<p>&quot;Would we still create Nebula today?&quot; (Oct 2023) <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=37871534">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=37871534</a>

I wish you would benchmark more common point-to-point VPNs as well. I see the comment explaining why you don&#x27;t, but I think it would be useful. I&#x27;m comparing Tailscale, Nebula, etc against Wireguard with out-of-band static route management. These are very different beasts, but if I&#x27;m going to pay a 50% performance penalty for mesh routing, maybe I will architect my system to not require it. If it is more like a 5% penalty, then I will absolutely not.

Nebula is great! From what I found after testing other solutions (headscale, netbird, netmaker) It&#x27;s also the only completely open source mesh vpn that can be configured with a highly available control plane (just run multiple lighthouses, nothing is shared) and also supports multiple root CAs for nodes, relays and control planes (and each node can be a relay too)<p>I just wish there was a kubernetes operator to easily set up mesh sidecars like with tailscale and it would be perfect!

nebula seemed like a very interesting choice, when we were looking for a mesh vpn, but the lack of ipv6 support led to it being removed from consideration very quickly<p>so i have been checking <a href="https:&#x2F;&#x2F;github.com&#x2F;slackhq&#x2F;nebula&#x2F;issues&#x2F;6">https:&#x2F;&#x2F;github.com&#x2F;slackhq&#x2F;nebula&#x2F;issues&#x2F;6</a> every time im reminded nebula exists, for the last few years, without success

I respect the work that Ryan and the team is putting out. Excited to see what&#x27;s coming next for Nebula.

For three years, Elestio has trusted Nebula for our IT needs. We chose it for its solid stability, essential for our daily work. Nebula has been reliable without any major issues. Currently, we&#x27;re deploying thousands of VMs, all seamlessly connecting through Nebula. Thanks to the Slack team for creating and maintaining Nebula.

How about NetBird? <a href="https:&#x2F;&#x2F;github.com&#x2F;netbirdio&#x2F;netbird">https:&#x2F;&#x2F;github.com&#x2F;netbirdio&#x2F;netbird</a>

Technically, one of them is going to be the fastest.

I used speedify on iOS for a while and really liked it, but iOS’ abysmal ability to maintain a connection to a vpn was a major pain point.

No benchmark for wireguard?

Fantastic

The title alone is already contradictory

Openness about benchmarks are great, but for me (and I think many others) these benchmarks of <i>mesh vpn</i> are useless.<p>If I have all hosts on 10G physical segment why would I use mesh vpn between them?<p>IMHO, interesting case for mesh vpn is very heterogeneous setup: fir example, 2 hosts in different DCs, 2 hosts on assymetrical ove4subscribed domestic links (ADSL&#x2F;DOCSIS), 2 mobiles in different ends of the world (lte at best) and 2 laptops on cafee wifis (again, in different countries).<p>Then it IS mesh network.