Development discussion of WireGuard
 help / color / Atom feed
* Is there a way to use wireguard as a non-encrypted VPN?
@ 2020-04-11 19:13 mike
  2020-04-14  8:53 ` 
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: mike @ 2020-04-11 19:13 UTC (permalink / raw)


I have some older routers that run OpenWRT just fine, but are a bit slow at
Wireguard (3-5 MBytes/s for SMB transfers) and which are too slow for
playing HD movies.
For these routers/uses I don't care about security, I just want a VPN to
tunnel (thru Comcast, and other ISPs that block lots of ports.)
If there was a way to use Wiireguard?with encryption disabled, I'm pretty
sure my performance would be closer to 20-50 MB/s which would be more than
adequate.
Thanks.
Mike Farmwald





^ permalink raw reply	[flat|nested] 5+ messages in thread

* Is there a way to use wireguard as a non-encrypted VPN?
  2020-04-11 19:13 Is there a way to use wireguard as a non-encrypted VPN? mike
@ 2020-04-14  8:53 ` 
  2020-04-14  9:06 ` mike
  2020-04-14 15:02 ` wireguard
  2 siblings, 0 replies; 5+ messages in thread
From:  @ 2020-04-14  8:53 UTC (permalink / raw)


On Tue, Apr 14, 2020 at 10:30 AM <mike at pmfarmwald.com> wrote:
>
> I have some older routers that run OpenWRT just fine, but are a bit slow at
> Wireguard (3-5 MBytes/s for SMB transfers) and which are too slow for
> playing HD movies.
> For these routers/uses I don't care about security, I just want a VPN to
> tunnel (thru Comcast, and other ISPs that block lots of ports.)
> If there was a way to use Wiireguard with encryption disabled, I'm pretty
> sure my performance would be closer to 20-50 MB/s which would be more than
> adequate.
> Thanks.
> Mike Farmwald
>

Hi Mike,

No, WireGuard does not and will never support your use case of
disabling encryption.

If you are able to, buy a router that is powerful enough to do
WireGuard at your preferred throughput. Otherwise you would need to
use other encapsulation methods. OpenVPN with hardware AES
acceleration might work (if your routers support that). However
OpenVPN lives in userspace so it needs to do a memory copy from kernel
to userspace for each packet. I'm not sure how the performance will
work out in practice.

If you look at other methods you might want to consider the state of
its maintenance. PPTP code is likely to be very old and unmaintained
for instance. Your router might very well end up hacked.

Cheers,
Fredrik Stromberg


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Is there a way to use wireguard as a non-encrypted VPN?
  2020-04-11 19:13 Is there a way to use wireguard as a non-encrypted VPN? mike
  2020-04-14  8:53 ` 
@ 2020-04-14  9:06 ` mike
  2020-04-14 15:02 ` wireguard
  2 siblings, 0 replies; 5+ messages in thread
From: mike @ 2020-04-14  9:06 UTC (permalink / raw)


On 12/4/20 4:43 am, mike at pmfarmwald.com wrote:
> I have some older routers that run OpenWRT just fine, but are a bit slow at
> Wireguard (3-5 MBytes/s for SMB transfers) and which are too slow for
> playing HD movies.
> For these routers/uses I don't care about security, I just want a VPN to
> tunnel (thru Comcast, and other ISPs that block lots of ports.)
> If there was a way to use Wiireguard?with encryption disabled, I'm pretty
> sure my performance would be closer to 20-50 MB/s which would be more than
> adequate.
> Thanks.
> Mike Farmwald
>
>
>
I suggest that your use a GRE tunnel connection.

Mike



^ permalink raw reply	[flat|nested] 5+ messages in thread

* Is there a way to use wireguard as a non-encrypted VPN?
  2020-04-11 19:13 Is there a way to use wireguard as a non-encrypted VPN? mike
  2020-04-14  8:53 ` 
  2020-04-14  9:06 ` mike
@ 2020-04-14 15:02 ` wireguard
  2020-04-14 15:16   ` rm
  2 siblings, 1 reply; 5+ messages in thread
From: wireguard @ 2020-04-14 15:02 UTC (permalink / raw)


On Sat, 11 Apr 2020 12:13:36 -0700
<mike at pmfarmwald.com> wrote:

> I have some older routers that run OpenWRT just fine, but are a bit slow at
> Wireguard (3-5 MBytes/s for SMB transfers) and which are too slow for
> playing HD movies.
> For these routers/uses I don't care about security, I just want a VPN to
> tunnel (thru Comcast, and other ISPs that block lots of ports.)
> If there was a way to use Wiireguard?with encryption disabled, I'm pretty
> sure my performance would be closer to 20-50 MB/s which would be more than
> adequate.
> Thanks.
> Mike Farmwald
> 

If you're actually just looking for an unencrypted tunnel, there is some standardized stuff like GRE[1] or IP in IP[2] out there.

The Linux Kernel supports both of those natively and it looks to me like OpenWRT should be able to configure at least one of them through its interface.

1: https://en.wikipedia.org/wiki/Generic_Routing_Encapsulation
2: https://en.wikipedia.org/wiki/IP_in_IP


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Is there a way to use wireguard as a non-encrypted VPN?
  2020-04-14 15:02 ` wireguard
@ 2020-04-14 15:16   ` rm
  0 siblings, 0 replies; 5+ messages in thread
From: rm @ 2020-04-14 15:16 UTC (permalink / raw)


On Tue, 14 Apr 2020 17:02:41 +0200
ajs124 <wireguard at ajs124.de> wrote:

> On Sat, 11 Apr 2020 12:13:36 -0700
> <mike at pmfarmwald.com> wrote:
> 
> > I have some older routers that run OpenWRT just fine, but are a bit slow at
> > Wireguard (3-5 MBytes/s for SMB transfers) and which are too slow for
> > playing HD movies.
> > For these routers/uses I don't care about security, I just want a VPN to
> > tunnel (thru Comcast, and other ISPs that block lots of ports.)
> > If there was a way to use Wiireguard?with encryption disabled, I'm pretty
> > sure my performance would be closer to 20-50 MB/s which would be more than
> > adequate.
> > Thanks.
> > Mike Farmwald
> > 
> 
> If you're actually just looking for an unencrypted tunnel, there is some standardized stuff like GRE[1] or IP in IP[2] out there.
> 
> The Linux Kernel supports both of those natively and it looks to me like OpenWRT should be able to configure at least one of them through its interface.
> 
> 1: https://en.wikipedia.org/wiki/Generic_Routing_Encapsulation
> 2: https://en.wikipedia.org/wiki/IP_in_IP

Those both require dedicated IP on both ends of the connection, which is not
always the case on residential ISPs' IPv4 now.

I'd suggest to check out L2TP instead, which doesn't, and can be used without
encryption too, that one can work.

Or PPTP as mentioned, but it's more complex (separate signaling and data
protocols) for no good reason and has more issues traversing NATs/firewalls.

-- 
With respect,
Roman


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, back to index

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-11 19:13 Is there a way to use wireguard as a non-encrypted VPN? mike
2020-04-14  8:53 ` 
2020-04-14  9:06 ` mike
2020-04-14 15:02 ` wireguard
2020-04-14 15:16   ` rm

Development discussion of WireGuard

Archives are clonable: git clone --mirror http://inbox.vuxu.org/wireguard

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.archive.wireguard


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git