Announcement

Collapse
No announcement yet.

OpenVPN Kernel Driver Patches Updated For Improving VPN Performance

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • elvis
    replied
    Originally posted by pokeballs View Post
    But why would anyone use that instead of the superior Wireguard that is already mainlined ?
    1) Diversity is good. Having only one choice in anything is bad for everyone involved. Especially in security, there's safety in heterogeneity.

    2) Wireguard is an excellent, simple, low-overhead VPN solution for connecting sites or machines, and for "always on" VPN connections. But it's entirely lacking in advanced features like integration with authentication systems, MFA, etc, which are vital for "road warrior" style users in corporate or business environments, especially for guest or vendor connections where you don't have control over the end-user's machine.

    I use both products for all the reasons listed. Neither is "better", and they both have their strengths and weaknesses depending on the use case.

    Leave a comment:


  • kieffer
    replied
    Apparently TAP-based VPN is no more "trendy" (forbidden in MacOS and Android for some times now, impossible with wireguard) but I am very pleased OpenVPN still is compatible. Layer-2 tunneling is mostly forbidden by those platforms because it requires the help of the kernel and root access ... Funny to see that there is now a kernel driver :-)

    Leave a comment:


  • darkbasic
    replied
    Originally posted by pokeballs View Post
    But why would anyone use that instead of the superior Wireguard that is already mainlined ?
    Layer 2 tunneling among other things.

    Leave a comment:


  • fitzie
    replied
    Originally posted by intelfx View Post

    Because WireGuard's management capabilities are nonexistent compared to OpenVPN.
    you are correct, but there is tailscale. it probably won't give the self-hosted/paranoid crowd the warm and fuzzies, but it's really a remarkable piece of engineering, and shows what is capable with wireguard once the ecosystem builds it out, there are some opensource versions like headscale, but it's really worth kicking the tires of tailscale just to see what is possible. much better than pritunl, imo.

    Leave a comment:


  • avis
    replied
    Originally posted by dibal View Post

    Typical AI nonsense.
    Some of the items on the list have been voiced in this very thread by real human beings. Doesn't look "nonsensy" to me at all.

    Leave a comment:


  • dibal
    replied
    Originally posted by avis View Post

    ClaudeAI:
    Typical AI nonsense.

    Leave a comment:


  • MastaG
    replied
    Originally posted by intelfx View Post

    Because WireGuard's management capabilities are nonexistent compared to OpenVPN.
    Exactly, I prefer Wireguard for it's simplicity and speed.
    But I have to do a ton of scripting for a little management.

    OpenVPN offers so much flexibility when it comes to management, tweaking and configuration.
    So this driver is a welcomed addition.
    However I recon it will take a long time before this will land in the embedded space (Mikrotik, *wrt, etc).

    Leave a comment:


  • intelfx
    replied
    Originally posted by pokeballs View Post
    But why would anyone use that instead of the superior Wireguard that is already mainlined ?
    Because WireGuard's management capabilities are nonexistent compared to OpenVPN.

    Leave a comment:


  • oibaf
    replied
    OpenVPN with the kernel module should be as fast as Wireguard, using the same crypto algo. And likely even better using AES-GCM (which is usually faster than the ChaCha20-Poly1305 used by Wireguard).
    Last edited by oibaf; 02 October 2024, 08:24 AM.

    Leave a comment:


  • royce
    replied
    Originally posted by pokeballs View Post
    But why would anyone use that instead of the superior Wireguard that is already mainlined ?
    Because openvpn has been around for ages and is everywhere.

    Leave a comment:

Working...
X