On Wed, 5 Jul 2023 at 16:36, Chavdar Ivanov <[email protected]> wrote: > > On Wed, 5 Jul 2023 at 16:26, Martin Husemann <[email protected]> wrote: > > > > On Wed, Jul 05, 2023 at 05:10:42PM +0200, logothesia wrote: > > > Hi folks, > > > > > > What does the landscape look like regarding WireGuard? Is it supported at > > > all? > > > > In -10 and -current it is. I am using it on several machines (mostly with > > windows peers). > > But you have to add 'pseudo-device wg' to you kernel configuration - > it is not on by default: > > # uname -a > NetBSD ymir.lorien.lan 10.99.4 NetBSD 10.99.4 (GENERIC) #6: Wed Jul 5 > 12:53:40 BST 2023 > [email protected]:/dumps/sysbuild/amd64/obj/home/sysbuild/src/sys/arch/amd64/compile/GENERIC > amd64 > # ifconfig -C > vether bridge ipsec carp lagg agr pppoe vlan tun tap sl stf ppp lo > l2tp gre gif npflog > # grep wg /usr/src/sys/arch/amd64/conf/* > /usr/src/sys/arch/amd64/conf/ALL:pseudo-device wg > # VPN tunnel compatible with WireGuard
I see it is also a module; retracting the above. Just 'modload if_wg' . > > > > > > > ifconfig. It is my understanding that wireguard-tools only provides the > > > userland stuff (i.e., config file reading and so on). > > > > You do not even need that, base comes with wgconfig, and "man wg" tells > > you all about the setup tricks. > > > > > Do I have to compile a custom kernel, or enable something somewhere? > > > > Did you try "ifconfig -C"? That should list all clonable interfaces > > and includes "wg" if the kernel knows about it. > > > > > Not sure if it matters, but I am running NetBSD/evbarm-earmv6hf 9.3. > > > > You might, or load the if_wg kernel module (by adding it to > > /etc/modules.conf, > > see "man modules.conf"). > > > > Martin > > > > -- > ---- -- ----
