Hacker News new | past | comments | ask | show | jobs | submit login

Having been running WireGuard in my router for a couple of months now I have to say it's just the first ever VPN to offer no bandwidth penalty and a very easy setup. Now I have IPv6 through the VPN, all traffic from the house is routed through anonymous servers and I've had no problems with the connection dropping. Very nice work here.



> I have to say it's just the first ever VPN to offer no bandwidth penalty

By protocol design it incurs a 4%-~50% (1500 byte and 64 byte packets respectively) bandwidth penalty over the internet due to headers. The encryption of the payload is extremely fast though.


Of course I was exaggerating a bit. But...

I've been trying to setup OpenVPN for ages, and it always eats about 60-80% of the bandwidth. No matter what I try with it, I just cannot get the full speed of my internet connection through the protocol. With Wireguard I haven't noticed any difference. fast.com is as fast with or without WireGuard. I have to say it's the first time in my life I see it working this easily.


What router do you have that lets you run wire guard?


OpenWRT has WireGuard support, so also, every router you can put an OpenWRT image on.

EDIT: I'm using it on my Netgear WNDR3800, and my grandmother's Sitecom WLR-4000 (which is a rebranded Sitecom WL-351, which is a rebranded EnGenius ESR9850).


You can run it on Ubiquiti's EdgeRouters: https://community.ubnt.com/t5/EdgeRouter/Release-WireGuard-f...


And if you're feeling like a fun weekend hacking project it's also available on OpenBSD which runs on the EdgeRouter including support for the onboard packet accelerator.

https://marc.info/?l=openbsd-ports&m=152712417729497&w=2

Nothing against vyatta/edgeos but since getting into edge cases requires command line anyway, you can just start there without too much trouble.


You just get to port Go to octeons during that weekend then. But if you do, I will be happy! \o/


To be fair, then your bandwidth penalty just comes from something else.

(I run a large number of ERs, mostly because you can easily run so much other software on the hardware -- but they're not great devices if you need performance or reliability. "You get what you pay for" absolutely applies.)


Omnia Turris runs it fine.


Are there commercial providers?


Yep.

https://mullvad.net/en/

Many servers. Can pay with bitcoin. You only get a randomized account number. /128 subnet for IPv6.

https://www.azirevpn.com/

A bit less servers. No need to give email. /64 subnet for IPv6.


Mullvad also doesn't require an email, and you can mail them cash anonymously.


Yep. And the service with both of these is top notch.


Talked to some of the guys at a conference. They are really nice and they are doing a lot with Wireguard, helping if financially as well.





Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: