New WireGuardNT shatters throughput ceilings on Windows
Enlarge / Forget bendable mobile phones-we're holding out for working mobile phone plushies. (credit: Carol Yepes via Getty Images)
The WireGuard VPN project announced a major milestone for its Windows users today-an all-new, kernel-mode implementation of the VPN protocol called WireGuardNT. The new implementation allows for massively improved throughput on 10Gbps LAN connections-and on many WI-Fi connections, as well.
WireGuard (on Windows) and WintunThe original implementation of WireGuard on Windows uses wireguard-go-a userspace implementation of WireGuard written in Google's Go programming language. Wireguard-go is then tied to a virtual network device, the majority of which also lives in userspace. Donenfeld didn't like tap-windows, the virtual network interface provided by the OpenVPN project-so he implemented his own replacement from scratch, called Wintun.
Wintun is a definite improvement over tap-windows-the OpenVPN project itself has implemented Wintun support, with impressive results (414Mbps over tap-windows vs 737Mbps over Wintun). But while using Wintun is an improvement over tap-windows, it doesn't change the need for constant context switches from kernel space (where the "real" network stack lives) and userspace (where OpenVPN and wireguard-go both live).
Read 9 remaining paragraphs | Comments