Testing "Exotic" P2P VPN

Summary

How did the moose beginMy standard "everyday" solution when it comes to connecting computers into a single network is Wireguard. Wireguard is good, supports p2p, and generally has no downsides.The downsides come from having part of my home infrastructure located in territory controlled by a country that has blocked Wireguard by signatures. This is, of course, utterly disgusting, and what's even more disgusting is that these blocks have long since stopped following any kind of legislation. The result is an incomprehensible black box that can do anything, behave however it wants, and nobody knows how this shaitan-machine even works anymore.So it's time for penetration.Why not obfuscation?Actually, there are several projects that allow obfuscating Wireguard traffic and punching through firewalls. udp2raw, wstunnel and others handle this excellently. And Amnezia VPN has made their own fork of Wireguard, specifically for breaking through government censorship.But the main problem with obfuscation is the reduction of effective packet MTU. Because we wrap one packet in another packet, and this overhead takes up space. And that's not good.What I want from a VPNp2p mesh network Wireguard is good, of course, but routing all traffic through one server has consequences. The consequences usually include launching a Mars rover to switch the VPN to another server in case of IP blocking or just because the server started feeling unwell. And routing traffic halfway around the planet just to get access to a machine that's within arm's reach — that's just wrong.Open source and selfhosted In matters like this, relying on a third-party provider is either dangerous or useless. Tailscale, for example, is famous for its geographical blocks, so relying on it is pointless. And since Tailscale doesn't do this on a whim (I hope), there's no guarantee that other services won't do the same.Ideologically correct VPN This point exists here specifically for Headscale and ZeroTier. Creating a crippl...