|
|||
WireGuard: replacement for IPsec
Quote:
Slides in PDF Video in h.264 Video in VP8
__________________
Signature: Furthermore, I consider that systemd must be destroyed. Based on Latin oratorical phrase |
|
|||
I am more than a month late with this news, but this belongs here anyway.
WireGuard VPN makes it to 1.0.0—and into the next Linux kernel Quote:
__________________
Signature: Furthermore, I consider that systemd must be destroyed. Based on Latin oratorical phrase |
|
|||
The effort is underway to get WireGuard in OpenBSD: https://marc.info/?l=openbsd-tech&m=158926407905492&w=2
But if you can't wait that long, there is a userland implementation called WireSep which is available in ports: https://netsend.nl/wiresep |
|
|||
https://lists.zx2c4.com/pipermail/wi...ne/005588.html
Quote:
__________________
Signature: Furthermore, I consider that systemd must be destroyed. Based on Latin oratorical phrase |
|
|||
|
|
||||
Quote:
|
|
|||
If you read https://en.wikipedia.org/wiki/WireGuard you will notice that it uses a lot of crypto developed by Daniel J. Bernstein or is derived from it.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
||||
Indeed. It uses Bernstein's Curve22159, Chacha20, and Poly1305 primitives.
I've added my personal workstation as a VPN client, too. I'm very pleased with the outcomes for both phone and laptop. For the laptop, it was the first time I've added routes with -priority metrics, which permitted me to provision the correct routing table. Last edited by jggimi; 5th July 2020 at 12:01 PM. Reason: added primitives |
|
|||
Quote:
Google stats: Poland: 12,57% USA: 43,25% Akamai stats: Poland: 11,9% USA: 45,3% It is weird, because Poland doesn't have that bad Internet connectivity.
__________________
Signature: Furthermore, I consider that systemd must be destroyed. Based on Latin oratorical phrase |
|
||||
Many local networks in North America do not support IPv6, even if the ISP they are connected to support it. Often, SOHO routers are not provisioned for it, or the ISPs have IPv6 blocks assigned but do not actually offer IPv6 services to their customers, or they do not have trained staff or documentation to support customer deployments, which amounts to the same thing.
|
|
|||
In-kernel WireGuard is on its way to FreeBSD and the pfSense router
Quote:
Quote:
__________________
Signature: Furthermore, I consider that systemd must be destroyed. Based on Latin oratorical phrase |
Tags |
ipsec, vpn |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Replacement for Hsetroot? | cats | OpenBSD Packages and Ports | 7 | 25th August 2022 10:51 AM |
Remote Replacement of OS | mwatkins | FreeBSD Installation and Upgrading | 4 | 5th April 2009 04:01 AM |
Trisentry replacement? | neurosis | FreeBSD Security | 0 | 10th December 2008 04:09 PM |
MB + CPU replacement | mururoa | FreeBSD General | 10 | 21st November 2008 08:21 PM |
Replacement for Mail? | Bruco | FreeBSD Ports and Packages | 9 | 14th June 2008 05:15 PM |