![]() ![]() This probably won't happen frequently enough for you to notice if you only have a few tens of clients, and most of those are manually operated by a human clicking something to connect and disconnect their tunnel as needed anyway. One of my biggest operational beefs with OpenVPN is how its tunnels can either crash or hang. Two orders of magnitude fewer lines of code mean a lot less attack surface to find flaws in.Ī much smaller codebase also means code that's more likely to work the way it's supposed to. WireGuard weighs in at around 4,000 lines of code this compares to 600,000 total lines of code for OpenVPN + OpenSSL or 400,000 total lines of code for XFRM+StrongSwan for an IPSEC VPN. Fewer lines of codeĪ little more research gave me some insight into why Torvalds might have been so uncharacteristically positive. If you think "maybe it isn't perfect, but" is damning with faint praise, you clearly aren't familiar with Torvalds' acerbic writing style. That was enough to get me to sit up and pay attention. Linus Torvalds, on the Linux Kernel Mailing List So how did WireGuard rattle my cage hard enough to get me to actually play with it? It had something you almost never see: a positive comment about its code from none other than Linus Torvalds. I use OpenVPN heavily I'm thoroughly familiar with it, and it scratches most of my VPN-related itches pretty well. I've seen a few new VPN designs pop up in the last few years- ZeroTier and Tinc come to mind-and each time, I've thought, "I should really look into that." And then I haven't. All of that might lead you to ask: in a world that already has IPSEC, PPTP, L2TP, OpenVPN, and a bewildering array of proprietary SSL VPNs, do we need yet another type of VPN? OK, but why? It's also designed to be easily portable between operating systems. ![]() The software is free and open source-it's licensed GPLv2, the same license as the Linux kernel-which is always a big plus in my book. WireGuard is a new type of VPN that aims to be simpler to set up and maintain than current VPNs and to offer a higher degree of security. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |