WireGuard inoramba ichityora, ikozvino yave OpenBSD inotora iyo protocol

murindi

Jason A. Donenfeld, munyori weVPN WireGuard, yakazivisa kugamuchirwa kweOpenBSD main "wg" mutyairi weiyo protocol WireGuard, iko kuiswa kweimwe network network, uye shanduko kumaturu anoshanda munzvimbo yemushandisi.

Nekudaro, OpenBSD yakamisikidzwa seyechipiri sisitimu yekushandisa mushure meLinux ine yakakwana uye yakabatanidzwa WireGuard rutsigiro.

Iwo maratidziro anosanganisira mutyairi weiyo OpenBSD kernel, shanduko kune iyo ifconfig uye tcpdump zvinoshandiswa nerutsigiro rweMagetsiGuard mashandiro, zvinyorwa, uye shanduko diki dzekubatanidza WireGuard neese mamwe masisitimu. WireGuard inotarisirwa kuverengerwa mu OpenBSD 6.8 kuburitswa.

Yeuka kuti mukota yekupedzisira yegore rapfuura munyori weprotocol ndiye akazivisawo kugamuchirwa uye kuiswa kwekodhi muLinux Kernel network stack uye gare gare aive Linus Torvalds pachake akatambira kodhi.

Zvinoenderana nekukurukurirana nezvechirongwa ichi, kunyange hazvo kuchine kuyedzwa kuti kuitwe, inofanira kusunungurwa mune inotevera inotevera vhezheni yeLinux kernel, vhezheni 5.6, mukota yekutanga kana yechipiri ya2020, sezvo WireGuard yakagamuchira mvumo kubva kuLinus Torvalds yekubatanidza muLinux.

Nezve WireGuard

Iyo controller inoshandisa kwayo kwayo kuita kweanogadzirisa blake2s, hchacha20 uye curve25519, pamwe neiyo SipHash kuitisa yatove mu OpenBSD kernel.

Iyo yekumisikidza inoenderana neese epamutemo WireGuard vatengi veLinux, Windows, macOS, * BSD, iOS uye Android.

Performance bvunzo pane yekuvandudza laptop (Lenovo x230) yakaratidza bandwidth ye750 mbit / s. Kuti uenzanise isakmpd neyekutanga kumisikidzwa, ike psk inopa bandwidth ye380 mbit / s.

Matt Dunwoodie neni tanga tichishanda pane izvi kwenguva yakati rebei. Zvino, nechimwe chirevo, Matt akatoratidza pasuo rangu muParis kuti aenderere mberi nesimba. Izvi zvinoratidza kupera kwekuyedza kwakati, uye zvirokwazvo chirongwa chemakore mazhinji chaMat.

Ini ndinofanira kucherechedzawo kuti iyo OpenBSD yekumisikidza maitiro ainakidza zvakanyanya.

Takaita zvitatu zvekuongorora, nemhinduro dzinobatsira pane imwe neimwe uye nharaunda inotsigira kwazvo.

Ini ndinofungidzira iri basa rinozotakura neOpenBSD 6.8.

Paunenge uchigadzira controller ye musimboti we OpenBSD, mamwe mapurani ekugadzirisa akafanana neLinux mutyairi akasarudzwa, asi mutyairi akagadzirwa zvakanyanya kuOpenBSD, achifunga zvakatarwa nesystem ino uye achifunga nezvechiitiko chakawanikwa pakuumba mutyairi weLinux.

Nemvumo yemunyori wepakutanga WireGuard, iyo kodhi yemutongi mutsva inogoverwa zvizere pasi pehara reISC rezinesi.

Mutungamiriri yakasimba inosangana neiyo OpenBSD network stack uye inoshandisa masisitimu aripo, izvo zvinoita kuti kodhi yacho inyatso kuumbika (dzakatenderedza 3.000 mitsara yekodhi).

Zve mutsaukozvakare kupatsanurwa kweasina-Linux mutyairi zvinhu zvinoonekwa: OpenBSD chaiyo inosangana inoenda ku "if_wg. * »Mafaira, iyo DoS yekudzivirira kodhi iri mu« wg_cookie. * ", Uye kutaurirana kwekubatanidza uye kunyorera pfungwa kuri mu" wg_noise. *

Pakupedzisira, zvinoita sekunge kuedza yakaitwa neiyo WireGuard timu kuti iite nhamba huru yeshanduko mukati mekodhi yekushandisa vakabereka zvibereko.

Uye izvo izvo zvakasiyana nevaimbove vakwikwidzi, izvo zvakagadzirirwa kutsiva, kodhi yacho yakachena zvakanyanya uye yakapusa. Zvinoenderana nezvinotaurwa neprojekti, WireGuard inoshanda nekuvhara mapaketi eIP zvakachengeteka pamusoro peUDP. Kuvimbika kwayo uye dhizaini dhizaini zvine chekuita neSecurity Shell (SSH) kupfuura mamwe maVPN.

Inofanira kutarisirwa kuti ichiri mukukura kwakazaraAsi inogona kutotarisirwa seyakachengeteka, yakapusa kushandisa, uye yakapusa mhinduro yeVPN muindastiri. Iyo Layer 3 yakachengeteka VPN mhinduro.

Kana iwe uchifarira kuziva zvakawanda nezve iyo nhau, iwe unogona kutarisa iwo mameseji mukati zvinyorwa zvekutumira de WireGuard y kuvhura.


Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Iva wekutanga kutaura

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa.

*

*

  1. Inotarisira iyo data: Miguel Ángel Gatón
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako

bool (chokwadi)