Re: net/wireguard-go: is it useful?

To: Greg Troxel <gdt%lexort.com@localhost>
Subject: Re: net/wireguard-go: is it useful?
From: David Brownlee <abs%absd.org@localhost>
Date: Tue, 1 Apr 2025 22:48:29 +0100

On Tue, 1 Apr 2025 at 18:38, Greg Troxel <gdt%lexort.com@localhost> wrote:
>
> DESCR says "This is an implementation of WireGuard in Go."  Which
> leaves out what it actually does.
>
>   - If I build it on NetBSD 9 will it work?
>
>   - If I build it on NetBSD 10/current will it work?
>
>   - Upstream talks about wg(8). NetBSD 10 has wgconfig(8).  NetBSD 9 has
>     nothing even close.  Do you need to install ../wireguard-tools?  Why
>     doesn't it depend, at least on systems where that's necessary?
>
>   - Should I expect that things like tailscale can drive wireguard-go?
>
> And then: wireguard-tools is from 2021.  Is that really how things are?

We're using wireguard-go and wireguard-tools on various amd64 & i386
10.0 and 10.1 systems, and we had been using it on 9.x (I *think* it
was a full netbsd-9 release, but it is possible it was a pre-10
-current). This is connecting in a mesh with a mix of NetBSD and Linux
system, with systems on dynamic IP using PersistentKeepalive

We have a simple script to handle configuring the tun devices
automatically on start - https://sync.absd.org/wgnet/

Occasionally the one 10.x system with multiple active connections
appears to hit some strange routing issue where traffic stops flowing
until everything is reset (The same issue exhibited with openvpn).

It is planned to switch to the in-kernel wg, but as most of the
devices are remote that is something to be done "with care" :)

David

References:
- net/wireguard-go: is it useful?
  - From: Greg Troxel

Prev by Date: Re: net/wireguard-go: is it useful?
Next by Date: Re: net/wireguard-go: is it useful?
Previous by Thread: Re: net/wireguard-go: is it useful?
Indexes:

Home | Main Index | Thread Index | Old Index