ANSWERED VPN inside a VM inside a VPN

[misamarumaru 0]

This is neither troubleshooting nor a problem BUT I think is relevant here because I want to check if something that I'm doing that's working is actually a good idea in the first place.

In short, I have Ubuntu running as a VM inside Parallels on my Mac. I set up Ubuntu to connect over Wireguard to an AirVPN server in the Netherlands. The connection is set as a default and happens successfully on startup. However, the Mac itself (the host) is connected to a different AirVPN server via another Wireguard configuration in the UK, and the VM is configured to route all traffic through whatever connection the Mac has, which in this case is the AirVPN Wireguard tunnel in the UK.

This means the Ubuntu connection is sometimes double-VPN'd, via both Amsterdam and the UK. This setup works fine; Ubuntu thinks (according to IPLeak) that its connection is to the Netherlands, while the host Mac thinks (also according to IPLeak) it's connected to the UK. Both machines are fast, work perfectly and I have no problems.

So my question is: what stupid thing am I ignoring? I appreciate there's a performance hit to a double VPN, but I still get over 200Mbps inside the Ubuntu VM and that's more than enough for the mundane crap I use it for in the day. The simple reason for all this is that I only use the VPN on the Mac as well when I'm at work. I didn't want to have to shut down or reconfigure Ubuntu's connection every day so I just left that one in place when I added the one to the Mac. When I'm at home, only the Ubuntu VPN is active and so isn't double-hopped. 
 

[Staff 10087]

@misamarumaru

Hello!

Your setup is not infrequent to achieve "double hop" and increase the anonymity layer robustness in case one of the VPN servers is secretly or even illegally wiretapped and another one is not. The price to pay, as you noticed, is a performance hit. This setup is not "optimal" for the mentioned purpose because all the hops belong to the same entity. When a much more robust privacy or anonymity layer is needed, and one is fine with a remarkable performance decrease, a more effective multi-hopping is with the Tor network, even without previous double hop.

Kind regards
 

[misamarumaru 0]

Thank you. I think since my only concern here is my Ubuntu virtual machine not accidentally being spotted on corporate Wi-Fi, my setup is adequate. If I was in need of robust privacy beyond the confines of my desk I would consider Tor or multiple VPN providers. For now though, it seems I'm all set Thanks again.