Development discussion of WireGuard
From: jens <jens@viisauksena.de>
To: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: limitations
Date: Sat, 14 Jan 2017 21:55:15 +0100
Message-ID: <8e7bd349-31ba-9893-b1b6-b69a1b4ff385@viisauksena.de>
In-Reply-To: <CAOnWvx_BCaSO3i=319vCUjKuXG6E+8ReGsFGFFVgJLsdyb4RGg@mail.gmail.com>

UDP is used for the connection between 2 WireGuard instances. Use of
the tunnel itself is done with the wg0 interface, which is a "normal"
interface (layer 3) - of course you cannot do layer 2 (Ethernet-based) stuff.
(But I am actually doing some tests with a gretap tunnel on top of WireGuard (to
use batman-adv), which works fine so far.)

WireGuard can be compiled and is then loaded as a kernel module, so it's
easy to unload the module and load another one. But unloading the module
will drop all tunnels for that time, and they have to be restored
afterwards - which is fine, since the tunnel is mainly stateless.

Just my simple insight (which may be wrong or oversimplified).

jens

(the Freifunk WG with gretap and batman-adv, if you are interested:
https://forum.freifunk.net/t/wireguard-0-0-20161230-mit-linux-3-18-kernel-und-damit-gluon-v2016-2-2/14122/7)



On 14.01.2017 20:11, Wasa Bee wrote:
> Hi
>
> I've got 2 simple questions about WireGuard, correct me if I'm wrong:
>
> - it is only over UDP. If so, is there ever going to be a TCP version?
> A lot of applications that could benefit from WG use TCP. It does not
> seem wise to expect programmers to implement a TCP-like layer (e.g.
> retransmission, ack, etc) in userspace, is it? This would increase
> complexity unnecessarily and would lead to vuln in practice...
>
> - WG is implemented as a patch to the kernel or a kernel module? The
> reason I ask is that when an update is available for WG, it would be
> good not to have to replace the whole kernel, but only reload a
> patched WG module. Also: if there are ongoing sessions with some
> clients, how would sessions be re-established (afaik, the current
> design is to simply ignore irrelevant messages)?
>
> Thanks
>

-- 
make the world nicer, please use PGP encryption

