On Tue, Dec 20, 2016 at 4:38 AM, Dan Luedtke wrote:
> No objection but a remark: It is now even more complex and I think shell
> script is not the right solution.
This is *not* a complex algorithm and can be implemented correctly in
shell. It's on my list for tomorrow to actually clean that up.
> On 20 Dec 2016, at 04:14, Jason A. Donenfeld
> https://git.zx2c4.com/WireGuard/commit/?id=5838c950859f1b55ad344e81b77a0b71917ffd61
>
> Unless there are objections, that will ship with the next snapshot
No objection but a remark: It is now even more complex and I think shell script
is not t
Hey Baptiste,
On Tue, Dec 20, 2016 at 2:13 AM, Baptiste Jonglez
wrote:
> By the way, besides the issue of magic, this approach seems incorrect
> depending on the order of the routes. Consider the case where cmd_add()
> handles the following sequence of allowed-ips:
>
> 10.0.0.0/8 dev wg0
On Sun, Dec 18, 2016 at 09:14:18PM +0100, Jason A. Donenfeld wrote:
> The way it should be done is described in wg-config:
>
> https://git.zx2c4.com/WireGuard/tree/contrib/examples/wg-config/wg-config#n130
>
> if [[ $AUTO_ROUTE -eq 1 ]]; then
> for i in $(wg show "$INTERFACE" allowed-
Just two regulars x86 boxes with intel cpu. No ARM/MIPS/something else.
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
Hi Sergey,
What hardware are you running?
Jason
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
Hello guys.
First of all thanks for the WireGuard project: it really simple &
powerful and no more headaches with openvpn :)
My question about network perfomance, I tested network speed with
iperf3 and got these results:
Raw test (no WireGuard):
$ iperf3 -c PUBLIC_IP
- - - - - - - - - - -
On Mon, Dec 19, 2016 at 2:19 PM, Baptiste Jonglez
wrote:
> spending the time to test and
> maintain this.
Can't argue with that, I guess.
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
On Mon, Dec 19, 2016 at 02:09:33PM +0100, Jason A. Donenfeld wrote:
> On Mon, Dec 19, 2016 at 2:06 PM, Baptiste Jonglez
> wrote:
> > Please provide numbers. I would be very surprised if a few redundant
> > routes have any performance impact, given that the kernel can handle 600k
> > routes withou
On Mon, Dec 19, 2016 at 2:06 PM, Baptiste Jonglez
wrote:
> Please provide numbers. I would be very surprised if a few redundant
> routes have any performance impact, given that the kernel can handle 600k
> routes without major issues.
I'm thinking about the case in which a server has a 10/8 of c
On Mon, Dec 19, 2016 at 01:32:31PM +0100, Jason A. Donenfeld wrote:
> On Mon, Dec 19, 2016 at 9:00 AM, Jörg Thalheim wrote:
> > What do you mean be precise? Is there a bug in the other logic apart from
> > probably unnecessary routes?
>
> Performance will suffer unnecessarily.
Please provide num
On Mon, Dec 19, 2016 at 9:00 AM, Jörg Thalheim wrote:
> Should no the output first sorted from the shortest subnet prefix to the
> longest?
No; that doesn't matter.
> What do you mean be precise? Is there a bug in the other logic apart from
> probably unnecessary routes?
Performance will suffe
On 2016-12-18 21:14, Jason A. Donenfeld wrote:
> Hey Dan,
>
> The route_allowed_ips directive is not precise enough. I'm CCing Jorg,
> the NixOS maintainer, because this same concern probably applies to
> the Nix logic.
>
> Your code is:
>
> if [ ${route_allowed_ips} -ne 0 ]; then
>for allowe
13 matches
Mail list logo