Re: Installation instructions for Debian

2017-05-14 Thread Daniel Kahn Gillmor 
On Sun 2017-05-14 10:44:56 +0200, Baptiste Jonglez wrote:
> Note that the previous installation instructions (basically, just "sudo
> apt install wireguard-tools wireguard-dkms") were valid for Debian sid.
>
> The new installation instructions are only valid for Debian jessie and
> Debian stretch (admittedly, probably the largest fraction of Debian
> users).  But I still think you should reflect this in the instructions.
>
> Debian wheezy is not supported (with its old 3.2 kernel), although it
> could be possible to use wireguard with the wheezy-backports kernel
> (3.16).  I don't think it's worth mentioning it anyway, Wheezy is
> old-stable and will soon be old-old-stable.

As the debian maintainer for wireguard, I agree with Baptiste on all
these points, and on his earlier recommendations.  Thanks, Baptiste, for
the clear and concise documentation.

--dkg


signature.asc
Description: PGP signature
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Performance of Wireguard on Infiniband 40G

2017-05-14 Thread Jason A. Donenfeld 
Hey Greg,

On Sun, May 14, 2017 at 12:48 PM, Greg KH  wrote:
> 4.9 is 6 months old, I'd be curious if 4.11 is any faster given the rate
> of change in the network stack :)

I imagine it might be. I think the biggest bottle neck, in any case,
is still the poor algorithm in padata. Hopefully we'll get this sorted
with the help of Samuel's research this summer!

Jason
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Performance of Wireguard on Infiniband 40G

2017-05-14 Thread Greg KH 
On Sun, May 14, 2017 at 11:55:52AM +0200, Baptiste Jonglez wrote:
> On Sun, May 14, 2017 at 12:52:11AM +0200, Jason A. Donenfeld wrote:
> > One small and unfortunate thought just occurred to me: the backporting
> > to really old kernels I'm pretty sure is way less efficient than newer
> > kernels on the RX, due to some missing core fast-path APIs in the old
> > kernels. In particular, I had to wrap the UDP layer with some nasty
> > hacks to get packets out, whereas newer kernels have an elegant API
> > for that which integrates in the right place. Just a thought... I
> > haven't actually done concrete measurements though.
> 
> Good idea, I have redone the same setup with kernel 4.9.18 from
> jessie-backports.
> 
> TL;DR: when switching from kernel 3.16 to 4.9, wireguard has a 50%
> performance gain in the most favourable case (large MTU).  Also, iperf
> seems generally faster than iperf3, most likely because iperf3 has no
> multi-threading.

4.9 is 6 months old, I'd be curious if 4.11 is any faster given the rate
of change in the network stack :)

thanks,

greg k-h
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard