WireGuard is doing good things. PIA will be rolling out support shortly.
can wireguard work over tcp? many captive portals i encounter daily block most ports and almost always allow only tcp. so i set up openvpn on port 443 over tcp, which got through everything so far.
Includes a nice description of how WireGuard works on Linux, and how it's different from other VPN implementations.
Is WireGuard working as an IPv4 tunnel or can it transport arbitrary packets, like ipv6, becoming a tap interface?
Does it work as a link between two devices, or one-to-many? Does it support peer-to-peer connections within the group?
I've been an long time advocate of tinc. I'd love to see a comparison with WireGuard.
I use one of the many non-OpenVPN "VPN" alternatives. The one I chose has fewer lines/words/characters of code than Wireguard.
It does not require SSL/TLS, it can use Curve25519 and it is faster than OpenVPN.
It is a userland daemon (using /dev/tap), so it may be slower than Wireguard.
However I think it is more portable than WireGuard. (That is an important feature to me.)
How portable is WireGuard to BSD, Minix, Plan9, etc?
Good to see WireGuard getting some coverage. I‘ve been embracing it from the very beginning for small scale Kubernetes clusters running on virtually any cloud provider lacking isolated private networking[1]. It‘s been running stable in different environments for more than a year; set up and forget. Unlike similar software it‘s also dead simple to configure.
Apparently, Linus wants it in the Kernel[2].
[1] https://github.com/hobby-kube/guide/blob/master/README.md [2] https://lkml.org/lkml/2018/2/13/752