
WireGuide VPN Protocol - mv9
https://www.privateinternetaccess.com/blog/wireguide-all-about-the-wireguard-vpn-protocol/
======
Snawoot
> One key component that makes WireGuard different than other VPN protocols
> such as OpenVPN, IPSEC, L2TP, and PPTP is the layer at which it functions.
> The traditional VPN protocols that most people are familiar with operate at
> the user level using TLS. In comparison, WireGuard on Linux based VPN
> servers operates inside the kernel’s networking stack, and there are many
> benefits to that.

I bet Wireguard works in user-space on everything except native Linux distros.
Also, comparing to PPTP, Wireguard sends encrypted IP packets in its own
format over UDP over IP and PPTP sends PPP over GRE over IP. Wireguard is not
superior to the others in terms of encapsulation.

It supports single set of crypto primitives and it's advertised as a pro.
Other systems are designed with resilience in mind and capable to negotiate
crypto protocols considered safe by both parties.

Wireguard is pretty good, but it's not superior comparing to IKEv2 (which, by
the way, leverages IPsec which works in kernel on most systems).

