WireGuard: A very strong candidate to replace OpenVPN and IPSec VPNs

Advanced feature discussion, beta programs and unsupported "Labs" features.
10 posts Page 1 of 1
by forest » Thu Apr 26, 2018 3:58 pm
For anyone wishing for a VPN with lower complexity, better performance, or less administrative hassle than currently-popular VPN protocols, or who just likes to be informed about such things, check out WireGuard. It looks very promising.

I expect the the kernel implementation to avoid the context-switching bottleneck that hampers OpenVPN, allowing low-power devices to run at closer to wire speed and giving VPN servers significantly greater capacity.
by faisal » Tue May 01, 2018 12:57 am
Where are you terminating?
by kgc » Tue May 01, 2018 10:19 am
Interesting in that one of OpenVPN's specific benefits is that it is in user space. This not only increases portability but simplifies development and maintenance.
Kelsey Cummings
System Architect, Sonic.net, Inc.
by forest » Tue May 01, 2018 11:20 am
kgc wrote:
Interesting in that one of OpenVPN's specific benefits is that it is in user space. This not only increases portability but simplifies development and maintenance.


Yes, to some extent. Unfortunately, it comes at the price of a ton of context switches. This seems to be why openvpn bottlenecks at relatively low speeds on devices like my EdgeRouter X, despite having crypto hardware, and even in protocol tests with crypto disabled.

WireGuard's small, simple code base is another approach to easing portability, development, and maintenance.

Anyway, it looks like it's getting both a kernel implementation and a user-space implementation, so you'll have access to the latter if you prefer.
https://www.wireguard.com/xplatform/
by forest » Mon Mar 30, 2020 7:28 pm
Follow-up: WireGuard has reached 1.0.

https://arstechnica.com/gadgets/2020/03 ... ux-kernel/
by zbang » Tue Mar 31, 2020 1:48 pm
It's available for just about every common OS (linux, freebsd, mac, windoze) and is even in openwrt. (Some in the kernel, some in user space.)
by craig.langman » Fri Apr 24, 2020 10:07 am
It's apparently included in the latest ubuntu (20.04). I came here to search if sonic had any support for it, seems no...
by mediahound » Tue Apr 28, 2020 9:44 am
Is there a way to import a .opvn file in to Wireguard? I was not able to figure it out.
by forest » Tue Apr 28, 2020 1:15 pm
mediahound wrote:
Is there a way to import a .opvn file in to Wireguard?


No. OpenVPN and WireGuard are fundamentally different and not compatible with each other. Even if the configurations were compatible, you would need the VPN provider to offer WireGuard, which Sonic currently does not.
by mediahound » Tue Apr 28, 2020 1:17 pm
forest wrote:
mediahound wrote:
Is there a way to import a .opvn file in to Wireguard?


No. OpenVPN and WireGuard are fundamentally different and not compatible with each other. Even if the configurations were compatible, you would need the VPN provider to offer WireGuard, which Sonic currently does not.



Thanks. I'll stick with Viscosity.
10 posts Page 1 of 1

Who is online

In total there are 2 users online :: 0 registered, 0 hidden and 2 guests (based on users active over the past 5 minutes)
Most users ever online was 700 on Thu Jun 18, 2020 12:00 pm

Users browsing this forum: No registered users and 2 guests