I'm running WG for some time and it works really well. Was super easy to set up - I did it in like 1-2hrs during a hacker conference last year, so even with blinking led lights all around it was very straightforward.
On the other hand I've yet to achieve sane battery lifetimes on my smartphone with a VPN active. I suspect it's because the VPN needs to reconnect whenever one of my messengers checks for new messages, or similar background services. Anyone have experience how to improve that?
I used to have a phone with a pay for usage data plan and kept mobile data disabled. I kept OpenVPN permanently enabled and it did not affect battery life at all. I then switched to a flat rate 2GB/month plan and now keep mobile data enabled. OpenVPN murders my battery.
The keepalive packets require keeping your phone's radios on. WiFi is pretty low power (<20 milliwatts iirc for the radio) so it has little effect, but mobile data is not low power. Apple & Google have put a lot of work into optimizing the OS to tweak usage to save power and the keepalive packets throw all of that out the window.
If keeping data off is a possibility for you, try that and see if the VPN still affects your battery life. If not, then you will have to set the VPN to only be active on WiFi or manually toggle it on/off whenever you want it.
I think it's the encryption overhead that burns the CPU cycles in turn affecting battery life. Other than that, it could be a bug (not releasing wakelocks, or waking up too frequently, or generally doing too many battery intensive tasks) in the VPN client that drains battery.
I think, on Android at least, IPSec is impl in kernel space so technically a VPN based on that should be more efficient. Wireguard is being upstreamed into Linux, so there's a chance Android picks it up and the efficiency improves.
When I used OpenVPN, the VPN had to keep sending keepalives and periodic key renegotiations to keep the session open. This is fine on a PC, but it keeps waking up the radio hardware on a mobile device which is a real battery drain. It's the same as running an app on the background that constantly polls for data, something Android spent a lot of time on fighting to gain better battery time.
I wouldn't hold my breath for official WireGuard support in the manufacturer Android kernels until some big corporations start relying on it but custom ROMs are able to use kernel modules already[1].
Encryption itself should not be much overhead. WireGuard cryptography is based on ChaCha20. While I haven't encountered any hardware support for ChaCha, it's performance is quite good, so good even that Google is requiring manufacturers of very low power Android devices (running Android 10+ Go) to implement ChaCha-based encryption on budget devices [2].
IPSec tends to use AES, which can be 2x to 4x more performant than ChaCha20 thanks to hardware acceleration. And the power savings may be even greater than the throughput differences.
Should be added that this is highly dependent on the specific hardware. AES is cripplingly slow where accelerators are misconfigured or otherwise unavailable.
If you have a brain larger than your leg, you should consider configuring an IPSec endpoint to save power on your phone.
This did bother me when I was still an OpenVPN server to connect my iPhone while away from my home WiFi. It really did measurably affect battery life. I’ve switched to wireguard since, using on-demand activation so it enables the VPN whenever I leave my home WiFi, and I can only say it has almost no impact on battery life whatsoever. According to the iOS battery stats wireguard accounts for about 3% of total battery usage on working days (vpn active most of the day), which is worth it as far as I’m concerned.
There was a significantly longer delay than expected between Cloudflare announcing the VPN service and it becoming generally available. Cloudflare has attributed much of this delay to overcoming client battery usage issues. Maintaining a balance of acceptable VPN performance and low battery usage is not an easy nut to crack.
On the other hand I've yet to achieve sane battery lifetimes on my smartphone with a VPN active. I suspect it's because the VPN needs to reconnect whenever one of my messengers checks for new messages, or similar background services. Anyone have experience how to improve that?