My network setup at home is surprisingly pretty common: a DSL modem (VDSL2 actually) followed by a router featuring an ethernet switch and an 802.11n Wifi access point, configured as a NAT gateway.
Let's imagine I'm in a country that doesn't care about the right to private life of its citizens and performs automated mass surveillance, on the pretext of fighting against terrorism or copyright infringement. A gloomy perspective for sure, but let's keep that as our work hypothesis, for what the future holds in store.
Of course, I could just set up on every computer a VPN whose gateway happens to be in a foreign and more respectful country. However, multiple VPNs on multiple computers are a highly impractical setup for various reasons:
- VPN configuration has to be done multiple times, and I'm allergic to repetitive tasks
- The maximum number of concurrent connections is restricted by VPN service providers
- Access to resources on a local network at the same time is a hassle and need specific configuration, like DNS settings
So, why not install the VPN once and for all in a privacy-enhancing gateway? We will implement it in a clean, IPv6-compatible …