Self-Hosted Multi-Hop VPN (iCloud Private Relay Alternative?)

So we’re discussing multi-hop VPNs on GitHub and it got me thinking: What if you had a VPS somewhere which acted as a gateway to a recommended VPN provider, so that your traffic was routed like:

You → Your VPS → VPN Provider → Internet

In theory that would hide your IP from the VPN provider and the websites you’re visiting from your VPS provider, achieving the same protection that iCloud or Invisv might provide.

I think this could be particularly useful for mobile users whose native IP/location is always changing… I dunno, this is just a 5-minute thought I haven’t fully fleshed out yet, interested to know if anyone has feedback or might theoretically be interested in such a setup guide.

Surely it could work, but it would make you more unique on a Wi-Fi network and probably add a lot of latency.

Less latency than, e.g., Tor though, and certainly good bandwidth.

Yes, sure. I once had a similar idea because I wanted to do some access controls for my family cloud, but nowadays I just use Zero Trust architecture for this.

Probably yes.
You would still have to trust your VPS provider.

I think this could be particularly useful for mobile users whose native IP/location is always changing…

How so?

There’s also “Apple’s Private Relay can cause the system to ignore firewall rules” on the Mullvad VPN blog.

Only with your IP, not your traffic, that is the point.

At first I thought it would be useless. But if you put yourself in the other perspectives:

The VPN only sees the VPS provider and the site you are visiting.

The VPS provider only sees your IP and the VPN.

The contents of both kinds of traffic should be opaque to each other and should provide plausible deniability of sorts.

You are, of course, not in any way anonymous. But you never were anonymous with VPNs.

If anything, it should add a lot of paperwork, and hopefully lawful requests for your data between governments would be bogged down and lost in bureaucracy. Just make sure the VPN and VPS providers are in different enough jurisdictions (not part of “Five Eyes”, etc.).

I’m kind of against this from a complexity perspective. VPN services and iCloud Private Relay are pretty much 0 hassle, whereas this solution would require you to maintain your VPS server, not mess up the configuration, etc., not to mention the extra cost of paying for a VPN and a VPS. It just seems to make a lot more sense to me to get a multi-hop VPN or use Tor, systems that are already set up for you to use and require minimal configuration, maintenance, and hassle. Not really sure that the benefits outweigh the drawbacks in this case.

