Hey Egbert, Great to see! How much does this deviate from debian's? As far as I can tell, you should be able to keep things basically the same.
> Testing it constantly on 4 of my servers and works it great! Happy to hear that. > Even added a patch for ifupdown to setup WireGuard in > /etc/network/interfaces Cool! > The only downside is that I disabled AVX2 cpu extention in the code, > because of kernel panics on VPS's by a hosting company > (https://eggiecode.org/wg-kernel-panic.png). This isn't okay. Downstream packages really shouldn't be applying patches like that. If you revert that, I can list this as the primary PPA for WireGuard. With that said, let's actually try to fix this issue for good... AVX2 is advertised through CPUID. Is it possible that your VPS passes through the CPUID from the host while not supporting all instructions? Or perhaps, rather, fakes a CPUID that isn't the host's, while only supporting instructions of the host? Very mysterious. What hosting company is this? Is there a chance I can poke around at this setup? Do you know if it's KVM or Xen or VMWare or something else? If it turns out that your VPS host just does something horrible, I'll look for a way to globally disable kernel usage of AVX2, without having to patch WireGuard like that. If it's particular to the host, perhaps we can come up with either a particular kernel module to do the disabling, or some ungodly hack to /dev/kmem... Are you compiling your own kernel for this system, or just using stock Ubuntu kernel? I'm pretty sure, by the way, that we're using the right detection function within WireGuard, seeing as every other place in the tree uses the same thing: https://paste.kde.org/pdljfawf7/79eh62 . Thanks a bunch for helping out. Jason _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com http://lists.zx2c4.com/mailman/listinfo/wireguard