How's the performance of this utilizing the Docker-controlled NAT? Especially with UDP, it seems like the significant latency overhead of Docker would dramatically impact the viability of running a VPN server.
You may optionally add "--net=host" to the "docker run" command to let the container use the host's network stack directly. That should eliminate the overhead, I think.