WireGuard VPN accepted into OpenBSD

Jason A. Donenfeld, the author of WireGuard VPN, announced that the "wg" driver for the WireGuard protocol has been accepted into the core OpenBSD kernel, together with an implementation of a dedicated network interface and changes to the user-space tooling. OpenBSD has become the second operating system after Linux with full support for WireGuard. WireGuard is expected to be included in the OpenBSD 6.8 release.

The patches include a driver for the OpenBSD kernel, changes to the ifconfig and tcpdump utilities to support WireGuard functionality, documentation, and minor changes to integrate WireGuard with the rest of the system. The driver uses its own implementation of the BLAKE2s, HChaCha20 and Curve25519 algorithms, as well as the SipHash implementation already present in the OpenBSD kernel.

The implementation is compatible with all WireGuard clients for Linux, Windows, macOS, *BSD, iOS and Android. Performance testing on the developer's laptop (Lenovo x230) showed a throughput of 750 Mbit/s. For comparison, isakmpd with a basic ike psk configuration delivers 380 Mbit/s of throughput.

In developing the driver for the OpenBSD kernel, some architectural decisions were made along the same lines as in the Linux driver, but the driver was designed primarily for OpenBSD, taking into account the specifics of this system and drawing on the experience gained in building the Linux driver. With the consent of the original author of WireGuard, all of the new driver's code is distributed under the free ISC license.

The driver is tightly integrated with the OpenBSD network stack and uses existing subsystems, which keeps the code very compact (about 3000 lines of code). Among the differences, the driver's components are also split up differently than in Linux: the OpenBSD-specific interfaces are placed in the "if_wg.*" files, the DoS protection code is in "wg_cookie.*", and the connection negotiation and encryption logic is in "wg_noise.*".

Source: opennet.ru
