Netmaker is a VPN that relies on WireGuard to forge fast, secure connections between devices and networks. WireGuard has demonstrated superior performance in industry speed tests, and so we wanted to run our own tests to determine how Netmaker performs against pure WireGuard, as well as other standard VPN alternatives.
In our tests, Netmaker demonstrated exceptional performance, especially on high-speed networks. On gigabit networks (1.25-2 gbps / 10.0 gbps burst), Netmaker achieved consistent data transfer speeds averaging 7.88 Gbits/sec, nearly identical to kernel WireGuard alone at 7.89 Gbits/sec.Â
These results confirm why organizations requiring a reliable, high-speed VPN choose Netmaker.
We created three networking scenarios to test VPN data transfer speeds:
1. Local: Devices are on the same local network (VPC on DigitalOcean)
2. Regional: Devices have the same network provider, but different local networks (DigitalOcean data centers)
3. Cross-Cloud: Devices have different netework providers (DigitalOcean and Google Cloud)
We created one additional scenario to test the top three VPNs from these results.
4. High Performance: Devices have a high-speed link, and VPN is performance optimized (between VPCs on AWS with a 10GB network)
We ran test suites #1-3 across seven top VPN options for business networking:
We performed these tests on virtualized Linux servers using a variety variety of server specs, locations, and networks, running each specification multiple times, and averaging the results. Across all tests, it was clear that the WireGuard-based candidates (Netmaker, Tailscale, and kernel WireGuard) were vastly outperformed the other candidates, including ZeroTier, Nebula, OpenVPN, and Tinc. The WireGuard-based candidates consistently transferred data between 2-20 times faster than these alternatives, and achieved similar results.
We took the top three candidates, Netmaker, Tailscale, and WireGuard, and ran an additional high performance scenariour, using a 10 Gigabit network, and performance optimizations to maximum transmission speed.
Netmaker and WireGuard showed consistently high speeds, transmitting at nearly 8GB/s, while Tailscale encountered some issues under stress.
Tailscale initially achieved a respectable 5.25 Gbits/sec. However, attempts to maximize transmission speed by optimizing MTU caused problems. Tailscale frequently switched to a fallback routing mechanism, which drastically reduced speeds, appearing to be a key design flaw in this high performance test scenario. Netmaker and WireGuard did not encounter similar issues.
Tailscale's speed plummeted to 35.6 Mbits/sec, bringing down the average speed considerably, and unpredictably.
As a note, while Netmaker did not require a relayed connection in this scenario, Netmaker solves for such problems by allows administrators to set dedicated Relay servers for connections, rather than switching them on and off automatically. We've found this process is much more reliable for such scenarios, where network administrators want more control over network routing.
Our tests confirm that WireGuard-based VPNs yield the best network performance in standard testing. Netmaker, WireGuard, and Tailscale all vastly outperformed the other options by a considerable margin.
Additionally, our tests indicate that in high-performance scenarios, Netmaker or just pure WireGuard make better options, compared to Tailscale.
Link to Full Data: VPN Comparison 2024
Initial tests were designed to measure and compare performance across three different scenarios:
‍Intra VPC - Machines were located within the same Virtual Private Cloud (VPC) network.
This setup simulates an internal network environment.
Inter VPC - Machines were located in different VPC networks within the same cloud provider.
This setup simulates communication between different regions or zones of the same provider.
Inter Cloud - Machines were located on different cloud platforms (e.g., one on Digital Ocean and one on Google Cloud Platform). This setup simulates cross-cloud communication.
Each of the above test scenarios was executed using three different hardware configurations:
Small Configuration
Medium Configuration
Medium Configuration
Each VPN solution was configured and tested according to the following parameters (sample structure based on available data):
For each VPN solution, the following tests were performed three times to ensure reliability of the collected data:
Subsequent tests were run on AWS with Netmaker, Tailscale, and kernel WireGuard
The above test scenario was executed using one hardware configuration on two devices:
c5.xlarge
‍
GETÂ STARTED