Jason A. Donenfeld, marubucin VPN WireGuard, о an haɗa shi a cikin babban direban kernel na OpenBSD "wg" don ka'idar WireGuard, ƙayyadaddun hanyoyin sadarwa na cibiyar sadarwa da Toolkit aiki a cikin mai amfani sarari. OpenBSD ya zama OS na biyu bayan tare da cikakken goyon bayan WireGuard da haɗin gwiwa. Ana sa ran haɗa WireGuard a cikin sakin OpenBSD 6.8.
Facilan sun haɗa da direba don kwaya na OpenBSD, canje-canje ga ifconfig da tcpdump utilities don tallafawa ayyukan WireGuard, takardu, da ƙananan canje-canje don haɗa WireGuard tare da sauran tsarin. Direba yana amfani da nasa aiwatar da algorithms , и , da kuma aiwatar da SipHash da aka riga aka gabatar a cikin kernel na OpenBSD.
Aiwatar da aikace-aikacen ya dace da duk abokan cinikin WireGuard na hukuma don Linux, Windows, macOS, * BSD, iOS da Android. Gwajin aiki akan kwamfutar tafi-da-gidanka na mai haɓakawa (Lenovo x230) ya nuna kayan aiki na 750mbit/s. Don kwatantawa, isakmpd tare da saitunan ike psk na asali yana ba da kayan aiki na 380mbit/s.
Lokacin haɓaka direba don kernel na OpenBSD, an zaɓi wasu hanyoyin haɗin gine-gine waɗanda suka yi kama da direba don Linux, amma direban an haɓaka shi da farko don OpenBSD, yana la'akari da ƙayyadaddun wannan tsarin tare da la'akari da ƙwarewar da aka samu yayin ƙirƙirar direba don Linux. Tare da izinin ainihin marubucin WireGuard, ana rarraba duk lambar sabon direba a ƙarƙashin lasisin ISC na kyauta.
Direban yana haɗawa tare da tarin hanyar sadarwar OpenBSD kuma yana amfani da tsarin da ke akwai, wanda ke sa lambar ta kasance mai ƙarfi sosai (kimanin layukan lamba 3000). Daga cikin bambance-bambancen, rarrabuwar abubuwan direba shima ya bambanta da na Linux: Ana sanya takamaiman musaya na OpenBSD a cikin fayilolin “if_wg.*”, lambar kariya ta DoS tana cikin “wg_cookie.*”, da tattaunawar haɗin gwiwa da ɓoyewa. hankali yana cikin "wg_noise."
source: budenet.ru