Hacker News new | past | comments | ask | show | jobs | submit login
Tell HN: Commercial VPN service now in open source
151 points by v_ivanov on June 27, 2015 | hide | past | favorite | 35 comments
Hi folks!

Let me introduce myself. I am CEO/CTO/CIO/etc of russian SmartVPN.biz VPN service.

I couple years ago I got an idea to create my own startup - VPN service. It was quite sudden idea, when a couple of friends asked me to give them access to my personal VPN server. Of course I did not study the market, didn’t check how many such services are already exists. I’ve just started coding. A little bit later I made working prototype and pushed it to production.

There were not so many expenses, only my free time and 20$/month for low-end vps.

A year and a half the project was in production. Lots of things changed meanwhile. Internet in russia became very limited and censored. I’m glad that I helped people to bypass stupid internet limitations in our country. I’ve also experienced DDoS attacks twice, it is really exciting feeling, when you understand, that your service is real, and someone wants to get it down.

But the time is passing, my interests and priorities changed too. That is why I decided to shutdown my startup. I don’t want to hide my sources on hard drive, so I’ve decided to make them opensource. Totally. I published them on github https://github.com/smartvpnbiz with MIT license. So anyone can fork it, use anyway you want. You can try yourself in this hard business.

This is not an ads, I just want to help someone, who may need my experience. So I’ll be glad if my service will help anyone.

Hi there,

I did the same. I founded a VPN provider[0] in my free time. It is still running, but I have at times been close to shutting it down.

Most of my code has been open the whole time and is on github[1]. Some internal tools and the website are not on github though. I went with AGPL for license. It'll make my day if someone forks my code and founds their own provider.

I operate out of Iceland and most of my clients are Icelandic. The biggest use case for my service was ISPs in Iceland charging extra for international bandwidth. By having my servers in Icelandic datacenters, I was able to provide my customers with significantly lower prices for bandwidth, thereby lowering the cost of internet for a lot of people. Considering the huge time investment that has gone into this side project, I have not made much money from it. But knowing that I helped my internet usage more affordable is something that has made this project meaningful for me.

Since I started, lots of things have changed. Some ISPs are now offering unmetered connections (this was unheard of before). Others have lowered their prices. I have heard people attributing part of these changes to me and my company.

I have not experienced DDoS attacks like you, but I have been the subject of meetings at some regulatory boards in Iceland, as well as at the monopoly behind the submarine cables[2] connecting Iceland to the world (the source of this dual-pricing schemes). One hosting provider was forced to change their core routing shortly after I starting hosting with them, to make me unable to host there. Other providers have come under preassure from this monopoly to kick me out. Like you said, you feel like your service was real -- someone with a vested interest against it was watching me.

Some time in the near future I will shut down the service. It's just time to move on to other projects and time to recognize that it's fulfilled it's usefulness. I know I will walk away from this project with a great sense of accomplishment, I am proud and happy with the work I did.

[0]: www.lokun.is

[1]: https://www.github.com/benediktkr/lokun-record

[2]: https://en.wikipedia.org/wiki/FARICE-1

How exactly do you save them money? If they connect from Iceland to Iceland, they haven't changed their point of origin right? So any use of overseas servers would still cost them?

Usually, home users would by a fiber/dsl connection which includes an unlimited amount of domestic bandwidth and a set amount of "international bandwidth", typically from 10GB to 2000GB. When exceeding this quota, users would typically be billed somewhere around $15 for each 10GB increment they went over the quota.

The size (measured in GB) of the international bandwidth "addon" determined the price of the connection far more than the speed of it.

By hosting my servers in Iceland, the traffic through the VPN would not count towards the "international bandwidth" of my users. And since I was hosting in datacenters, I would be paying less for the bandwidth than at a typical home connection.

Ah gross, that's pretty messed up. I guess I have s romantic view of Iceland where they wouldn't let that cheesy kinda pricing to exist. Or especially that they'd fight your company. Insane.

Indeed. But there are also dual pricing schemes in datacenters. They don't want you to peer with RIX (Eeykjavík Internet Exchange) and charge those who do a higher price (hence forcing one hosting provider to change their routing.

You're a hero. That is an awesome idea.

Well, your vpn had an interesting usecase(making traffic cheaper). In russia everybody just uses some free browser extensions to bypass traffic filtering :(

Iceland is not free from censorship (and is far from the freedom of speech haven people seem to think it is).

The largest ISPs in Iceland were forced to block access to The Pirate Bay and Deildu.net (icelandic torrent site). These blocks were of course hugely ineffective and at most an annoyance.

And in russia blocks are not effective(everyone bypass them), but they also affect really peaceful websites. And it is only beginning, waiting for Great Russian Firewall.

can you drop me an email? martin@getcodified.com

sure, i did

This is an interesting read! Like some of the others here I too am trying this. A friend and I founded a VPN provider[0] targeting short term subscriptions (i.e. VPN while at a coffee shop, etc) and later some other novel features as we get further down the road.

I first got an idea for this after publishing my OpenVPN docker image [1][2] which received more attention then I ever imagined. The BackRoad[0] service runs all the VPNs with the exact docker image in the public github repo[2] + CoreOS and all that jazz to make it scale.

I come from a hardware background where starting something is completely different then a web service. I think it's interesting with only minimal risk as you've pointed out.

Thanks for sharing!

[0] http://backroad.io

[1] https://registry.hub.docker.com/u/kylemanna/openvpn/

[2] https://github.com/kylemanna/docker-openvpn

I've been looking on docker too, thanks!

Thought about doing this. Questions:

-Which VPN server software did you use? -Did build your own custom client wrapper, or did you have people download something like OpenVPN and enter the configuration info themselves

-How many customers did u end up getting? -Was it hard to acquire customers? -Were people more price sensitive or feature sensitive?

I used OpenVPN. Didn't have enough time to build custom client wrapper. So our customers used some openvpn client, or viscosity.

We had about 400 registred clients, of course not all were active and paying.

Getting paying customer is quite hard. Some people just register. Others register, pay, but do not start using. Some of them use service for 2 months, then leave. After 2 months they come back.

There different requirements, but most of people want super easy install process. But all of them have different network configurations, so even with simple client you will have to spent time helping people to start using service.

My service was low-end, it was 3$/month.

FWIW, that customer churn and on again off again usage pattern might not be anything to do with your service. I use inexpensive VPNs where I can register with an anonymous prepaid credit card and a "throw away" email address - I'll then use the service until the credit runs out and then switch to another inexpensive VPN provider. I think of it as "spreading my needle across as many haystacks as possible".

Probably. But they used the same email. Simply they used service from time to time

How many active users did you have in your peak? And how large was your server to support them?

We had 6 vps in different countries. It was about 20-30 active users, with total number of users - 250.

I also used OpenVPN. We started out by making a wrapper over the OpenVPN client on windows. Hindsight being 20/20, I would recommend for someone starting out with building a VPN provider to start on focusing on building a great infrastructure and not worrying about having your own client applications from the start. Stand on the shoulders of giants, the OpenVPN client(s) are great.

We didn't realize this but in creating this application we sort of inherited all usability problems from OpenVPN, without inheriting their solutions and known workarounds.

You're a fantastic person, and thanks for doing this. Hopefully it'll be the spark that ignites someone else's passion.

Thanks for pleasant words

This is great - thanks for doing this. We did something similar, helping people build their own OpenVPN servers here: https://www.tinfoilsecurity.com/vpn

I'm all for more great and easy-to-use VPN tools! :)

I'm also setting up a small VPN service with friends. Mostly aimed at penetrating the firewall at my university. Although we chose to use SoftEther VPN instead of OpenVPN.


It is really powerfull solution, but when it was opensourced it didn't look like server-side project

Thanks for doing this!

Something I've always wondered, for the VPN providers out there, how do you guys protect yourself from the liability as a result from the actions of your customers, whom are supposedly anonymous?

Hi! Every business has its risks. Some customers may break the laws. Mostly we faced downloading stolen films, software and other stuff.

Real hackers and carders do not use low-end cheap VPN.

So our customers were mostly people who just want to bypass government blocks.

You can use oh-my-vpn to setup shared VPN server with your friends. https://github.com/alaa/oh-my-vpn

I see you baked most of everything from scratch as far as your control panel goes. Is there any reason why you didn't simply opt for something like WHMCS and then bake in your own API wrapper?

I just love coding. The second reason that initially I wanted custom solution, that can be flexible. With my own project built from scratch I could introduce new any features much faster.

VPNs are cool :D

> Internet in russia became very limited and censored.

I guess that you must really be craving attention or perhaps it was a part of your marketing pitch, but try and not exaggerate things beyond ridiculous. Internet in Russia is a far cry from being "very limited". I travel there every few months to see family and I'm yet to hit any limitations or blacklists.

I am consistently annoyed that about 3 out of 30 links on every HN page are blocked in Russia. They are not intentionally blocked - it's collateral damage because they happen to share same ip address with censored websites. A single blocked Cloudflare ip can make a thousand websites unavailable.

Well, and I live and russia and see what is happening here. It is not marketing or collecting attention. It's just my personal opinion.

Your anecdotal experience does not invalidate his.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact