Article 5FCEJ In-kernel WireGuard is on its way to FreeBSD and the pfSense router

In-kernel WireGuard is on its way to FreeBSD and the pfSense router

by
Jim Salter
from Ars Technica - All content on (#5FCEJ)
wireguard-freebsd-desktop-800x450.png

Enlarge / FreeBSD is getting its own in-kernel WireGuard module in the near future, thanks to a sponsored code contribution from Netgate, followed by additional code and review from Jason Donenfeld and several FreeBSD and OpenBSD developers. (credit: WireGuard / Jim Salter)

This morning, WireGuard founding developer Jason Donenfeld announced a working, in-kernel implementation of his WireGuard VPN protocol for the FreeBSD 13 kernel. This is great news for BSD folks-and users of BSD-based routing appliances and distros such as pfSense and opnSense.

If you're not familiar with WireGuard, it establishes connections more quickly than traditional VPNs like OpenVPN. It's also, in our personal experience, overwhelmingly more reliable when managing large numbers of connections. Your author used to spend several hours a month shelling into machines and manually re-establishing broken OpenVPN tunnels, even after writing watchdog scripts to attempt to detect and re-establish them automatically-tearing it all out and replacing this several-hundred-machine-monitoring network with WireGuard-based infrastructure cut that down to "zero hours per month."

In addition to performance and reliability, WireGuard brings modern protocols, versioned crypto that literally cannot be set up incorrectly, and a far cleaner, lighter codebase than most competitors-Linus Torvalds once declared it "a work of art" by comparison to OpenVPN and IPSec.

Read 10 remaining paragraphs | Comments

index?i=IWl7D5Y81ck:4q6IRmCZ-EE:V_sGLiPB index?i=IWl7D5Y81ck:4q6IRmCZ-EE:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments