Okay, too many replies. I reckon I was misinformed, I'm sorry. It seems more interesting now. Thanks a lot of the feedback. I would read more, but I need to stop procrastinating and back to study.
About bloat: Why? That protocol might not be one protocol, but a family of protocols. Currently there are excesive "de facto" standards (many of them not reverse engineered of it's authors quite reactionary against third party implementations, like WhatsApp), many of them they have inherent aging signs and/or design issues. Why need a VPN for certain situations only? What about using VPNs per default whatever possible?
TCP/IP? IPv6 solves many things (but not everything! It's still a centralized protocol), but it has a very slow deployment in many countries (like mine). I agree NATs are the problem, but it's a problem that isn't going to disapprear anytime soon, so clever and robust "workarounds" should be made meanwhile. And the current Internet infraestructure is far from perfect even in "first world" countries (the others might be extremely censored, be extremely expensive for the average user and/or become an absolute crap... even using these old analog modems many of us used in the early 80-90s), it has too many holes and ISPs can do extremely horrible things in their networks. It's easy to say that's not the problem of the protocol implementations, but I think in order to become a success it must be robust in this horrible non-Star-Trek-like reality (that's one of the reasons Git got popular, because it seems to work reliably even in the shittiest Internet connection of the universe).
If WireGuard can become the lower layer of better replacements to specific-purpose "protocols" (they are more than protocols, but I mention it that way to simplify it) than the current used ones: That would be amazing! I want to see that!
Announcement
Collapse
No announcement yet.
We Could See WireGuard Upstreamed In The Linux Kernel In 2018
Collapse
X
-
Originally posted by s.ivanov View Post
While OpenVPN CAN work over TCP it is not the default nor recommended setup
Yes, UDP is more efficient - and when it works, it works well. But when you move off a simple local network, UDP might work - but it might quickly become a PITA.
So for me, a new VPN technology that is UDP only is a waste of time. It is maybe a replacement for horrors like IPSec, but not for the flexibility of OpenVPN. Make it support UDP and TCP - then you've got something really useful. For simple setups you can then use UDP for efficiency, and for complex setups you can use TCP for better routability.
Leave a comment:
-
In addition to being simpler, it is wat faster than openVPN. Check out the benchmarks page.
- Likes 1
Leave a comment:
-
Originally posted by timofonic View PostSo what's the advantage of WireGuard over OpenVPN? Is it just because WireGuard is a cooler name?
Is WireGuard so exciting or just overhype?
WTF? SSH can sometimes become an ass to configure, specially if over NAT.
If you want to connect directly to something, it needs to be exposed somehow as it needs to be accessible from outside the NAT, you can't change basic networking.
I think there's not need of just a VPN protocol, but a resilient networking connection protocol able to be used for X, SSH-like, Wayland and whatever shit you may want to.
And please kill obsolete baud crap of terminals! SSHFS sucks too! NFS sucks too! New protocol for both terminals, file sharing/transfer/NAS and Wayland, maybe based on 9P or whatever! Something not only shiny, but functional, robust, stable, easy to configure, usable even on the crappiest network and powerful.
Is WireGuard that protocol? I'm damn sceptic.
You have no idea of what you are talking about here, a protocol able to support both internal and external uses, VPN, file sharing, display, console and SSH is going to be a bloated mess of crap.
- Likes 1
Leave a comment:
-
Originally posted by timofonic View PostWTF? SSH can sometimes become an ass to configure, specially if over NAT. X redirection sucks too.
- Likes 1
Leave a comment:
-
timofonic - Rather than speculation or relying on oversimplified forum responses, if you want, you can read about WireGuard, in order to develop an informed opinion. These resources might help a bit:
- The front page has a big conceptual overview: https://www.wireguard.com/
- The paper has the most detailed description: https://www.wireguard.com/papers/wireguard.pdf
- The barebones description of the protocol is here: https://www.wireguard.com/protocol/
- Some notes and a link to a paper on its formal verification are here: https://www.wireguard.com/formal-verification/
Reading these will give you the most thorough information in order to determine why WireGuard exists and whether that existence is justified.
If that's a bit too much reading for something you don't necessarily even care about, that's fine too. The tl;dr is that this is a lot simpler to use than previous VPN setups and gives better security and performance. It might not be the reality-changing alien-technology multi-purpose solves-all-your-problems all-spice everything-protocol you were hoping for though, since it's just trying to do secure tunnels. But it does do one thing, and hopefully it does that one thing decently enough. It could create the basis for other people creating the big things you have in mind on top of it.
- Likes 4
Leave a comment:
-
Originally posted by s.ivanov View Post
While OpenVPN CAN work over TCP it is not the default nor recommended setup
I did read about roaming features, those remind me of MoSH and IPv6 features.
Is WireGuard so exciting or just overhype?
WireGuard aims to be as easy to configure and deploy as SSH.
I think there's not need of just a VPN protocol, but a resilient networking connection protocol able to be used for X, SSH-like, Wayland and whatever shit you may want to.
And please kill obsolete baud crap of terminals! SSHFS sucks too! NFS sucks too! New protocol for both terminals, file sharing/transfer/NAS and Wayland, maybe based on 9P or whatever! Something not only shiny, but functional, robust, stable, easy to configure, usable even on the crappiest network and powerful.
Is WireGuard that protocol? I'm damn sceptic.Last edited by timofonic; 11 November 2017, 06:47 PM.
- Likes 1
Leave a comment:
Leave a comment: