SoHo VPN providers and rDNS, etc -- recommendations?

[Mark Thurston]

 > I've got a simple question.  I'm in the US, and I'm looking for a VPN provider that uses IPsec and can provide an rDNS record for my public IPv4 pointing back to my domain.  I've asked several VPN providers and they don't seem to understand what I'm asking (NordVPN, ProtonVPN, NordLayer, etc).  Maybe I'm just asking wrong.
 > 
 > How do you make SPF, DKIM, and X.509 TLS certificates with DNS: SNI's work without this?
 > 
 > The other thing that would be handy is if they also provided DNS hosting for customer domains (so I could drop GoDaddy which I'm sick of).
 > 
 > You'd think they'd offer both for one-stop-shopping but I can't seem to locate any.  Does anyone use Amazon for this for a single or a couple of IPv4's?  What's been your experience?
 > 
 > Any others that people are happy with?
 > 

I'm not sure a VPN service aimed at the average punter will provide this.

I would suggest an entry-level VM on a cloud-provider (Linode's "nanode" $5pm, for example). Then you can then choose your DNS nameserver allowing you to configure your DNS yourself including all the extras that you need. Re VPNs, if you have the option and need speed, I would go with WireGuard rather than IPSec. From a purely trying-to-keep-it-on-topic point of view, the improved resource use of WireGuard will allow you to use a low-powered embedded OpenWrt device at the other end of the VPN.

The linuxserver.io wireguard Docker image (https://docs.linuxserver.io/images/docker-wireguard) is excellent for fast deployment of wireguard on off the shelf VMs.