Possible to enable multiple VPNs and dynamically select the fastest?

[secondl1ght]

Hello :wave:

As the title eludes to - is it possible to setup multiple OpenVPN clients (up to 5) and then select a device to route through the VPNs, but have it dynamically select whichever VPN is the fastest? So if for example, if the VPN you are connected with fails entirely or is very slow, the router would just rotate through the 5 configured VPN profiles automatically to find the best one?

I was looking at the VPN Director tab but did not see anything like that there, maybe it is not possible? Thought I'd ask.

Thanks!

 

[Crimliar]

Hello :wave:

As the title eludes to - is it possible to setup multiple OpenVPN clients (up to 5) and then select a device to route through the VPNs, but have it dynamically select whichever VPN is the fastest? So if for example, if the VPN you are connected with fails entirely or is very slow, the router would just rotate through the 5 configured VPN profiles automatically to find the best one?

Not the expert here, but I see (at least) two problems:
1: You'd have to run a speed test via a script for each connection which is going to bring your network to a grinding halt every time it's run.
2: The fastest VPN may be different depending on your target endpoint. What's fastest for one connection may not be fastest for another!

 

[eibgrad]

There's a huge difference between detecting a failure of a particular instance of OpenVPN and using another instance as failover, vs. evaluating all the available OpenVPN clients looking for the fastest one and dynamically changing the routing behavior. @Crimliar has already shown the latter is problematic, but the former is possible since the OpenVPN clients have a fixed priority, with #1 being the highest, and #5 the lowest.

For example, if you configure OpenVPN client #1 and #2 w/ the VPN Director and establish the same rules for *both* instances, then assuming OpenVPN client #1 does NOT have its killswitch enabled, should it fail to the extent its VPN routes are pulled from the relevant routing table (ovpnc1), those routes will fall-through to OpenVPN client #2! And you can repeat this throughout the other OpenVPN client instances (you might want to enable the killswitch on the lowest priority instance to prevent WAN access).

IOW, the router is designed to provide a limited amount of dynamic behavior in this regard, provided you configure it properly. But it's a static configuration.

 

[secondl1ght]

Thanks for the responses! I like the idea that @eibgrad suggested, even if it will not select the fastest connection, at least it will fallback to another VPN if #1 fails (and maybe I could order the connections based on speed tests at the time of setup too). I think I may have thought about this before but I was worried that my IP would leak if I don't have the killswitch turned on. @eibgrad can you confirm that if I have the killswitch turned on for connection #5 that it will for sure not leak anything in case of #1-4 failures?

 

[eibgrad]

Thanks for the responses! I like the idea that @eibgrad suggested, even if it will not select the fastest connection, at least it will fallback to another VPN if #1 fails (and maybe I could order the connections based on speed tests at the time of setup too). I think I may have thought about this before but I was worried that my IP would leak if I don't have the killswitch turned on. @eibgrad can you confirm that if I have the killswitch turned on for connection #5 that it will for sure not leak anything in case of #1-4 failures?

The proof of the pudding is in the eating.