Menu
▾
▴
Re: [Astlinux-users] AstLinux Pre-Release: astlinux-1.3-3534-c5e366
|
From: David K. <da...@ke...> - 2017-12-04 15:03:08
|
Having played with Wireguard I think that it is very good underlying technology to implement VPN. It seems to be very robust and tolerates roaming (client's IP address changing) very well. But there are missing pieces before it is ready for mainstream adoption. The biggest issue that I see is that client IP addresses (whether IPv4 or IPv6) needed to be managed manually.... if you have a dozen clients connecting in to the one server, each of these clients must have an IP address manually assigned and configured at the client, and the server needs to know what IP address was assigned and if there are any conflicts (two clients use the same IP address) then I guess the results are "undefined". Right now there is no way to have the server manage a pool of IP addresses and push out to the client a IP address when it connects, whether that IP is dynamically determined by the server or manually configured for each client on the server. Wireguard could never be deployed on a large scale without this. Managing IP addresses should not be a kernel task. So I suspect the raw VPN technology will get embedded into the kernel and solving IP address management will be left to some user space utility. I just don't know if it will require some supporting capability in the kernel or not. David On Sun, Dec 3, 2017 at 3:44 PM, Michael Knill < mic...@ip...> wrote: > Great thanks Lonnie. Im looking forward to it. Very cool! > > Regards > Michael Knill > > -----Original Message----- > From: Lonnie Abelbeck <li...@lo...> > Reply-To: AstLinux List <ast...@li...> > Date: Monday, 4 December 2017 at 1:39 am > To: AstLinux List <ast...@li...> > Subject: Re: [Astlinux-users] AstLinux Pre-Release: > astlinux-1.3-3534-c5e366 > > Hi Michael, > > > Wow (WireGuard) looks super easy to set up. > > Indeed, the easiest VPN you ever have setup, particularly for site-to-stie > scenarios routing networks across the VPN. > > > > So is it ready for production? > > I have had in production a remote AstLinux box (SIP / HTTPS) over > WireGuard for a few weeks now ... works perfectly, never missed a beat, > different ISP at each end. > > Officially, I would look for a 1.0.0 release and acceptance into the > mainline Linux kernel as milestones indicating WireGuard's > production-readyness ... should happen soon, but not yet. > > Definitely worth testing now. > > Lonnie > > > > On Dec 2, 2017, at 10:26 PM, Michael Knill <michael.knill@ipcsolutions. > com.au> wrote: > > > Wow looks super easy to set up. So is it ready for production? > > > > Regards > > Michael Knill > > > > -----Original Message----- > > From: Lonnie Abelbeck <li...@lo...> > > Reply-To: AstLinux Developers Mailing List <astlinux-devel@lists. > sourceforge.net> > > Date: Sunday, 3 December 2017 at 10:13 am > > To: AstLinux List <ast...@li...> > > Cc: AstLinux Developers Mailing List <astlinux-devel@lists. > sourceforge.net> > > Subject: [Astlinux-devel] AstLinux Pre-Release: astlinux-1.3-3534-c5e366 > > > > Announcing Pre-Release Version: astlinux-1.3-3534-c5e366 > > > > Particularly notable is the addition of the WireGuard VPN. > > > > The AstLinux Team is regularly upgrading packages containing security > and bug fixes as well as adding new features of our own. > > > > -- WireGuard VPN, new package; an extremely simple yet fast and modern > VPN that utilizes state-of-the-art cryptography. > > http://doc.astlinux-project.org/userdoc:tt_wireguard_vpn > > > > -- Asterisk 13 version bump to 13.18.3 > > > > These pre-release images are for those who would like to take advantage > of the AstLinux development before the next official release, as well as > providing testing for the project. > > > > The "AstLinux Pre-Release ChangeLog" and "Repository URL" entries can be > found under the "Development" tab of the AstLinux Project web site ... > > > > AstLinux Project -> Development > > http://www.astlinux-project.org/dev.html > > > > While these images are considered 'stable', the lack of testing will not > make these images suitable for critical production systems. > > > > If you should come across an issue, please report back here. > > > > AstLinux Team > > > ------------------------------------------------------------ > ------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pa...@kr.... > > > ------------------------------------------------------------ > ------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pa...@kr.... > |
