Wireguard VS OpenVPN 2023/24

Redskins16

Occasional Visitor
"WireGuard better than OpenVPN?" "OpenVPN is better than WireGuard?" ...these were questions that would have different answers depending on if it was asked 3 years ago or 2 years ago or 1 year ago. Many different forums looked at these questions and answered them differently. Now in 2023 entering 2024, what are the comparisons and differences now? Is WireGuard now better than OpenVPN or is OpenVPN still advanced compared to WireGuard?
 
Which is better? It's a largely meaningless question. The answer depends not on the protocol (Wireguard vs OpenVPN) but the use case, e.g. client/server software, internet connection type, hardware being used, location, type of access required, etc.
 
You can't compare them globally. OpenVPN is much more flexible, which means in some scenarios, it will be your only option. In other scenarios (where CPU performance is a problem), Wireguard will benefit from its faster cipher.

It's situational.
 
Which is better? It's a largely meaningless question. The answer depends not on the protocol (Wireguard vs OpenVPN) but the use case, e.g. client/server software, internet connection type, hardware being used, location, type of access required, etc.

I wouldn't call it a meaningless question, because I'm looking at it from the perspective of someone who is fairly new to the whole flash router concept. If one takes the standard basic scale like Speed, Encryption, Security and Privacy, Mobility and Compatibility, then looking at it now, WireGuard comes always on top. Before, if you read a forum of 2020 or 2021 in regards to the comparison then, Encryption, Security, and Privacy were always given to OpenVPN because it existed longer than WireGuard. But now many say that WireGuard has surpassed OpenVPN even in those areas. I wanted to know what people on this forum thought about it with their knowledge and experiences.
 
You can't compare them globally. OpenVPN is much more flexible, which means in some scenarios, it will be your only option. In other scenarios (where CPU performance is a problem), Wireguard will benefit from its faster cipher.

It's situational.
But according to what I have read they are constantly compared, giving even WireGuard the flexible title instead of OpenVPN. The point I'm trying to make is that I want to get people with more knowledge of Flash routers like you to give us a basic guide of all the differences and usages because the internet and some VPN providers say that WireGuard is the best option.
 
I don't know what you mean by "Flash routers". You never mentioned anything about routers in your initial question. If you're restricting your question only to VPN clients that run on a router then that's a different matter, and again it depends on which routers and what the use case is.

Most of what you read online is talking about VPN clients that are running on a PC not a router. They're also usually talking about connecting to commercial VPN services like NordVPN. That's completely different than someone running a VPN server on their router, or creating a LAN to LAN connection.
 
giving even WireGuard the flexible title instead of OpenVPN.
That is definitely not true, on many levels. Just to name a few:

- OpenVPN can use either TCP or UDP, which may be necessary to bypass certain firewalls
- OpenVPN can work both as a layer 2 or a layer 3 tunnel, allowing you to even bridge the two networks rather than just tunnel them - bridging allows broadcasts to travel through it
- OpenVPN can use very simple authentication (pre-generated certificates) up to very secure authentication that involves both keys, passwords and 2FA, depending on how secure you need to be
- OpenVPN users can be managed by a backend, like LDAP, allowing centralized user management
- OpenVPN can use different ciphers. You might prefer to use AES rather than Chacha20 if you have hardware acceleration available for AES, allowing better scalability than a pure software crypto handler
 
You can't compare them globally. OpenVPN is much more flexible, which means in some scenarios, it will be your only option. In other scenarios (where CPU performance is a problem), Wireguard will benefit from its faster cipher.

It's really down to L2 vs L3 - OpenVPN is L3...

WG isn't a faster cipher - it's chacha20-poly1305 and one should compare it to AES-128-GCM...

Good example - 4 core ARMv8a Cortex-A35 @ 2.0GHz...

Code:
gnutls-cli --benchmark-ciphers
Checking AEAD ciphers, payload size: 16384
             AES-128-GCM 0.21 GB/sec
       CHACHA20-POLY1305 75.09 MB/sec


lscpu
Architecture:            aarch64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                  4
On-line CPU(s) list:   0-3

Vendor ID:               ARM
Model name:            Cortex-A35
Model:               0
Thread(s) per core:  1
Core(s) per cluster: 4
Socket(s):           -
Cluster(s):          1
Stepping:            r1p0
CPU max MHz:         2004.0000
CPU min MHz:         100.0000
BogoMIPS:            48.00
Flags:               fp asimd evtstrm aes pmull sha1 sha2 crc32 cpuid
 
OpenVPN is L3...
OpenVPN can also operate with TAP interfaces, which will bridge the two networks.
WG isn't a faster cipher - it's chacha20-poly1305 and one should compare it to AES-128-GCM...

Good example - 4 core ARMv8a Cortex-A35 @ 2.0GHz...
That CPU is offering AES support in its IA, however. When that's not the case, a pure "software" implementation will have the Chacha20 ahead of AES ciphers.

However lack of AES support is typical of older platforms. I suspect most modern routers will have AES support there. Here's OpenSSL 1.1.1 comparing a CPU with AES IA against one without it:

BCM4912:
Code:
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
chacha20-poly1305    42994.80k   104812.22k   227594.45k   277462.56k   296124.42k   298873.75k
aes-128-gcm      61321.32k   193704.83k   447246.47k   672624.50k   778143.79k   785697.73k

BCM4708:
Code:
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
chacha20-poly1305    27663.06k    49538.54k    56385.76k    59117.68k    59233.62k    59405.93k
aes-128-gcm      14970.79k    17049.15k    18043.95k    18143.98k    18381.31k    18269.81k
 
That CPU is offering AES support in its IA, however. When that's not the case, a pure "software" implementation will have the Chacha20 ahead of AES ciphers.

However lack of AES support is typical of older platforms. I suspect most modern routers will have AES support there. Here's OpenSSL 1.1.1 comparing a CPU with AES IA against one without it:

I've been happily surprised with the performance of chacha20-poly1305 on older chipsets with Wireguard - even on an older MIPS 24k @ 650MHz it performs well, much better than OVPN with AES-128-GCM...
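
Added example, not part of any post in this thread: a small shell helper that applies the comparison discussed above, reading `openssl speed` result rows to find the faster AEAD cipher and checking a CPU flags line for AES instructions. The function names are hypothetical, the two tables and the Cortex-A35 flags are copied from the posts above, and the flags line without `aes` is constructed.

```sh
#!/bin/sh
# Added example (not from the thread): choose an AEAD cipher from benchmark data.

# Succeed if a CPU flags line (lscpu "Flags:" or /proc/cpuinfo) lists "aes"
# as a whole word, i.e. the CPU has AES instructions.
has_hw_aes() {
    printf '%s\n' "$1" | grep -Eqi '(^|[[:space:]])aes([[:space:]]|$)'
}

# Read `openssl speed -evp <cipher>` result rows on stdin and print
# "<cipher> <rate>" for the row that is fastest at the largest block size.
fastest_cipher() {
    awk '
        /^type/ { next }                       # skip header rows
        NF >= 2 && $NF ~ /^[0-9.]+k$/ {        # last column = largest block
            rate = $NF; sub(/k$/, "", rate)
            if (rate + 0 > best) { best = rate + 0; shown = rate; name = $1 }
        }
        END { if (name != "") print name, shown }
    '
}

# Tables copied from the thread (OpenSSL 1.1.1, units of 1000 bytes/s).
sample_bcm4912() {
cat <<'EOF'
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
chacha20-poly1305    42994.80k   104812.22k   227594.45k   277462.56k   296124.42k   298873.75k
aes-128-gcm      61321.32k   193704.83k   447246.47k   672624.50k   778143.79k   785697.73k
EOF
}

sample_bcm4708() {
cat <<'EOF'
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
chacha20-poly1305    27663.06k    49538.54k    56385.76k    59117.68k    59233.62k    59405.93k
aes-128-gcm      14970.79k    17049.15k    18043.95k    18143.98k    18381.31k    18269.81k
EOF
}

# The Cortex-A35 flags are from the thread; the second line is constructed.
A35_FLAGS='Flags: fp asimd evtstrm aes pmull sha1 sha2 crc32 cpuid'
NO_AES_FLAGS='Features: half thumb fastmult edsp tls'

sample_bcm4912 | fastest_cipher
sample_bcm4708 | fastest_cipher
has_hw_aes "$A35_FLAGS" && echo "Cortex-A35: AES instructions present"
has_hw_aes "$NO_AES_FLAGS" || echo "constructed CPU: no AES instructions"
```

On a real device, feed `fastest_cipher` the combined output of `openssl speed -evp aes-128-gcm` and `openssl speed -evp chacha20-poly1305` run on that device.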
 
