Is running my VPN in a container as secure and useful as running it on the host?

So while I’m having issues running a VPN on my Docker host, I wanted to understand the difference between running the VPN on the host vs. in a container. This is of course assuming that I can tunnel all my container traffic and host traffic through the VPN instance, which I will have to figure out separately.

Eventually I’m looking at a router that can run a VPN vs. this setup.

I assume you are talking about running a VPN client.

Ideally you should not be installing a vpn client inside your container - not for security reasons - but to ensure separation of concerns. If VPN client runs on the host - all traffic from your host and from all your containers will be routed through the VPN which you might not want.

You might want to explore setting up VPN client on a separate container (say C) and route all of your container’s traffic through C. This might be a bit complex to do but is possible. This way only your container’s traffic will route through VPN.

In Kubernetes this can be achieved using a sidecar pattern, example (for reference only): https://gitlab.com/dealako/k8s-sidecar-vpn/tree/master/
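The "separate container C" layout from the answer above, sketched for Docker Compose. This is an added example, not part of the original post; the image names, service names and config path are placeholders, and the VPN image is assumed to bring up its own tunnel from the mounted config.

```yaml
# Added example: route one container's traffic through a VPN client container.
# Image names, service names and ./vpn-config are placeholders (assumptions).
services:
  vpn:                                  # container "C": the only one with a VPN client
    image: example/vpn-client:latest    # placeholder for a VPN client image
    cap_add:
      - NET_ADMIN                       # needed to create the tunnel interface and routes
    devices:
      - /dev/net/tun:/dev/net/tun       # TUN device used by the tunnel
    volumes:
      - ./vpn-config:/config:ro         # provider config, mounted read-only
    ports:
      - "8080:8080"                     # app's port is published here, not on "app"
    restart: unless-stopped

  app:
    image: example/app:latest           # placeholder for the workload to be tunnelled
    # Join the vpn container's network namespace: app has no interfaces or
    # routes of its own, so it sees exactly what the vpn container sees.
    network_mode: "service:vpn"
    depends_on:
      - vpn
    restart: unless-stopped

  other:
    image: example/other:latest         # placeholder: stays on the normal bridge
                                        # network and does not use the VPN
```

Sharing the namespace only guarantees that `app` follows the `vpn` container's routing table. If the tunnel is down and the VPN image does not block non-tunnel egress, traffic leaves through the container's ordinary default route, so compare the public IP seen from inside `app` with the host's before relying on it.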

I answered a similar question with a similar answer a few weeks back. Expect a barrage of criticism questioning your ability to expertise to even express such an opinion.

Yah, it is for a VPN client and I do want to route all my traffic through the VPN, specifically to mask my location when it comes to things like watching sports online, who block your broadcast based on location. What value is paying for MLB and not being able to watch your local team play because it's blocked when playing at home?

Second paragraph first sentence, did you mean to say “on the host” instead of “inside your container”?

AD6I

Thanks, I’ve seen the other post; I think I’m looking at the right one. It seems to be about a VPN server vs. a client.

I'm looking for thoughts on a VPN client, masking my location.

In that case this is very trivial. You can connect to the VPN from your host, and as long as your host is using your VPN gateway (default behaviour) the traffic from all your containers will be routed through the VPN.

Just Reddit things! :smiley: I am open to constructive criticism. And if someone is being very unreasonable - it's best to ignore them.

OK, I need to research this part a bit more. I went for the easy route of running the VPN on the host and that broke my containers, but I will research and test this out.

Not trying to get the firestorm of the other thread; I’m just curious if it's as good running it in a container as it is on the host or router, just looking for the benefits comparison.

Ideally the host runs the VPN, or a router, but I'm currently having issues with running the VPN on the host and my containers breaking, and my current router (eero) doesn’t support this unless it's their VPN.