Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Tue Sep 29, 2020 8:23 Post subject:
I have been using it for some time and it works without any problem, I Use commercial providers (KeepSolid and Azire) and host my own WG server to connect with Android phones and windows clients.
Speed is over three times OpenVPN.
Unfortunately PIA does not support it (yet?) on the router.
Drawback when using a commercial WG provider you use a static IP so are more "traceable" (some provider are hiding this by creating an extra NAT layer)
So if privacy is a major concern stick with OpenVPN otherwise WG is fine.
Do you mean you can't change internal or external IP at all? I would guess the PIA system works the same as their port forward, when you ask for a new access token that also gives you new IPs like it does a port.
PIA seems to be supporting WG on other devices now. They have just released some scripts for port forwarding and connecting with WG on linux devices and ddwrt in particular. I can't say I could make them work for the port forwarding when I tried earlier, but I could probably now as I was missing some binaries.
What makes WG different is that unlike OpenVPN and most other VPNs that run in user-space, it runs in the *kernel*, giving it a significant speed advantage (place OpenVPN in the kernel and you'd see similar performance improvements). But that's a double-edged sword. It also means that if there are unknown vulnerabilities, it has the *potential* to lead (at least in the worst case) to remote code execution!
It's also simpler because it eliminates certain functionality, like bridged tunnels. But ironically, bridged tunnels are actually simpler to implement, at least when dealing w/ your own VPN server. It's all the routing and firewall issues w/ routed VPN tunnels that cause the headaches. And I suspect w/ time, feature-creep will set in and it will become as bloated and complex as every other VPN.
Basically, WG is being given *privileged* status in Linux. Why, I don't know. As I said, OpenVPN (and any other VPNs) could benefit similarly from such privileged status. But you usually don't do this because of the risk of opening the kernel to corruption.
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Sat Oct 16, 2021 21:33 Post subject:
I still cannot believe someone over at FreshTomato even thought porting WG to Linux 2.6 was a good idea. Definitely not, IMHO. And it's not even being maintained. Sorry, my Tourette's almost kicked in. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Thats an old kernel. You never know what obscure hardware it's running on. I might be something military or nasa and they now want the power of wireguard lol
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Sat Oct 16, 2021 23:32 Post subject:
I guess the words "FreshTomato" (firmware) just got completely ignored or glazed over. Most WiFi5 router stock firmwares use a Linux 2.6 kernel. There's a lot of things that still use, or did use a Linux 2.6 kernel until recently. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net