Show HN: Chained VPN routing lab with Linux netns, veth, and iptables
github.comI built a chained VPN lab to support multi-user traffic isolation using only raw Linux tools.
Each user gets:
- A WireGuard tunnel - A dedicated namespace (wg-$user) bridged via veth - NAT and routing table override - A second namespace (ovpn-$user) running OpenVPN - Final egress through tun1
The entire setup is controlled with bash scripts and PostgreSQL — no Docker, no containers, no Python, just raw netns, iptables, ip rule and shell.
Built for GDPR-compliant VPN infra with real isolation per collaborator.
Code and README: https://github.com/darksunstealth/multi-vps-routing
Would love feedback — this was one of the most complex and satisfying systems I’ve built in pure Linux.