Wireguard within ZeroTier behind CG-NAT and data consumption

Routers VPN, DNS, Leaks
1

Hello. This is my first post, so welcome everyone :slight_smile:

I am a new user of Brume 3 and Beryl 7.
I have set up the following:

  1. ZeroTier on both devices
  2. Wireguard server on Brume 3
  3. Wireguard client on Beryl 7

I have followed the guide below and everything works quite ok. Meaning, I have a connection from the VPN client to the VPN server. Kudos to goldsteinadj for the guide and most importantly for the screenshots.

The issue I have is that both VPN clients and VPN server show huge data traffic.
Eg. opening a gmail on a device connected through Beryl 7 produces few GB of data on both sides. Same with opening google.com web site.

Also the connection from VPN client to VPN server drops, when Beryl is tethering from other wifi.

Can someone help me understand these 2 issues, how to troubleshoot is and how can I optimise data usage?

1 Like
2

Hi

You might want to try Tailscale—it supports custom exit nodes directly in the firmware, so you won’t need to use WireGuard over ZeroTier/Tailscale.

On Brume 3:

On Beryl 7:

1 Like
4

Thanks. I’ve read a lot about Tailscale leaks and performance issues. Same for ZeroTier. Hence I am using Wireguard inside. And I need a good performance (up to 1GB up/down). Thats why I bought these latest toys which I love. Most users report only 5% overhead, so I don’ t think the reason is a tunnel within ZeroTier. I will test Tailscale and come back.

1 Like
5

However, due to the presence of CGNAT, using Tailscale or ZeroTier is unavoidable.
As a result, related issues—such as potential leaks and performance limitations—cannot be avoided.

On top of that, running WireGuard over ZeroTier or Tailscale introduces additional overhead, effectively reducing device performance by half.

That’s why I recommend using Tailscale directly, without layering WireGuard on top.

2 Likes
6

In the end I switched to Asrtowarp. Why is nobody suggesting it!

Thanks everyone and happy nomading!

2 Likes
7

Glad to hear that Astrowarp meets your needs!

1 Like
9

Hello. I used Astrowarp for some time, but data usage is…. too high for my needs and I would go bankrupt :rofl:

So I reverted back to ZeroTier + Wireguard. But the 150mbps performance was too low for me.

After some exploration of the forum here and the use of AI…. I switched to Tailscale only. Now I have:

  • a secure VPN tunnel from beryl to brume
  • exit node on brume
  • no connection drops
  • no DNS leaks (DNS on the beryl side is directed to the DNS on the brume side)
  • and decent 300mbps up/down performance (which is the limit of the ISP on both ends)

Lets test it over the next few days….