Is there a completely userspace server implementation? Without tun/tap devices, etc. I guess some kind of userspace IP stack is necessary for that, although not sure.
With that, you can replace a Dialer in Go that connects sockets, effectively wrapping sockets with WireGuard. Since it does that in userspace, you get no tun/tap. This is all open-sourced by @dpeckett.
Yep, noisysockets is based originally off wireguard-go but is an attempt to simplify and make things a lot more idiomatic for library use. Filling in the gaps etc. and improving the ergonomics. Hoping to build a bit of an ecosystem of supporting projects around it, e.g. I'm currently working on a STUN server implementation based on the approach described in https://nordsecurity.com/blog/reaching-beyond-1gbps
One of the recent feature divergences from upstream is support for network exit nodes / gateways.
It's really completely in userspace and doesn't need any kernel modules or even superuser permissions for managing TUN/TAP devices (like e.g. OpenSSH's TUN device mode does)!
It uses a userspace TCP/IP stack by Google, as far as I understand.
I believe it uses the latter, but the missing piece is a userspace TCP/IP stack, since otherwise you'd need TUN device permissions to bridge over the impedance mismatch of sockets and IP packets containing TCP/UDP segments/datagrams.
Ugh, now this is driving me crazy. So I'm 99% sure that that exists, but I cannot for the life of me find the link. There's a CDN / edge compute company that gets published on HN semi-regularly that has this sweet client that... does a lot of things, but among them is connecting to your serverless containers by actually instantiating an entire TCP/IP stack in the application that's hooked up to the remote end over a WireGuard proxy that's also in-application...