Re: What is the current Wireguard situation?

[Chavdar Ivanov <ci4ic4%gmail.com@localhost>]

On Wed, 5 Jul 2023 at 16:36, Chavdar Ivanov <ci4ic4%gmail.com@localhost> wrote:
>
> On Wed, 5 Jul 2023 at 16:26, Martin Husemann <martin%duskware.de@localhost> wrote:
> >
> > On Wed, Jul 05, 2023 at 05:10:42PM +0200, logothesia wrote:
> > > Hi folks,
> > >
> > > What does the landscape look like regarding WireGuard? Is it supported at
> > > all?
> >
> > In -10 and -current it is. I am using it on several machines (mostly with
> > windows peers).
>
> But you have to add 'pseudo-device wg' to you kernel configuration -
> it is not on by default:
>
> # uname -a
> NetBSD ymir.lorien.lan 10.99.4 NetBSD 10.99.4 (GENERIC) #6: Wed Jul  5
> 12:53:40 BST 2023
> sysbuild%ymir.lorien.lan@localhost:/dumps/sysbuild/amd64/obj/home/sysbuild/src/sys/arch/amd64/compile/GENERIC
> amd64
> # ifconfig -C
> vether bridge ipsec carp lagg agr pppoe vlan tun tap sl stf ppp lo
> l2tp gre gif npflog
> # grep wg /usr/src/sys/arch/amd64/conf/*
> /usr/src/sys/arch/amd64/conf/ALL:pseudo-device  wg
>  # VPN tunnel compatible with WireGuard

I see it is also a module; retracting the above. Just 'modload if_wg' .

>
>
> >
> > > ifconfig. It is my understanding that wireguard-tools only provides the
> > > userland stuff (i.e., config file reading and so on).
> >
> > You do not even need that, base comes with wgconfig, and "man wg" tells
> > you all about the setup tricks.
> >
> > > Do I have to compile a custom kernel, or enable something somewhere?
> >
> > Did you try "ifconfig -C"? That should list all clonable interfaces
> > and includes "wg" if the kernel knows about it.
> >
> > > Not sure if it matters, but I am running NetBSD/evbarm-earmv6hf 9.3.
> >
> > You might, or load the if_wg kernel module (by adding it to /etc/modules.conf,
> > see "man modules.conf").
> >
> > Martin
>
>
>
> --
> ----



-- 
----