Have people been using #Wireguard on #OpenBSD with #OSPF?

I was thinking of doing that to replace IPsec tunnels encapsulating GIF but… 1-many does not work with OSPF so I guess I’d have to set up as many Wireguard pairs as I have links? Obviously that’s fine, the world has sufficient UDP ports, but it seems inefficient somehow.

What's the common wisdom regarding #Ubuntu #Linux and systemd-resolved, dnsmasq, and NetworkManager?

Had a weird thing happen where a #Wireguard tunnel didn't go up but DNS was still trying to connect to the DNS server over the WireGuard tunnel and was failing.

Is there any way to stop the DNS madness? It looks like they're both clobbering each other.

✅ Okay, after some more testing, looks like it's somehow related to the Wireguard tunnel, not the upgrade (I might have simply had bad luck with timing and noticing a problem and jumping to the conclusion that it was related to the upgrade).

Previous kernel, same tunnel, same issue.

New kernel, different tunnel, not a problem.

So likely NOT a Debian Trixie 13.2 issue after all! Good! I can poke at this separately.

Thanks @linus @drajt

#IPv6 #Debian #Linux #Debian13 #DebianTrixie #Wireguard

FIXED

Anyone else having IPv6 issues (possibly with Wireguard) after the Debian Trixie 13.2 update just now, which includes a kernel upgrade 6.12.48-1 to 6.12.57-1? It was working before, and after the upgrade I don't seem to get any IPv6 default route. (I do get an IPv6 assignment.)

Haven't had any opportunity yet to do much troubleshooting, but don't see anything obviously relevant in the Debian bug tracker or debian-user archives.

✅⬇️

#IPv6 #Debian #Linux #Debian13 #DebianTrixie #Wireguard

Has anyone run into an issue in #WireGuard in which the Endpoint is a fully qualified domain name (e.g. vpn.example.org:51820) and the tunnel won't work, but it will work if you put in the IP address (which is IPv4)? I wonder if it has to do with having both IPv4 and IPv6 stacks running and active at the same time on the client and it can't, for some reason our another, establish the tunnel correctly?

That said, since modern versions of #OpenSSH have adopted a post-quantum key exchange by default and #Wireguard isn't, by default at least, totally quantum safe, I wonder if it would be better to use SSH with password login disabled as a VPN instead of Wireguard. You can use the optional PSK option with Wireguard to attain some level of PQ security, but it's not 100% because of the default handshake.

Just thinking out loud.

wireguard-fpga: Full-throttle, wire-speed hardware implementation of Wireguard VPN, using low-cost Artix7 FPGA with opensource toolchain

https://github.com/chili-chips-ba/wireguard-fpga

#wireguard #fpga #opensource

My daughter left home because University is located towns-away from here. This means she now has to connect her iPad to $HOME in order to watch the movies that are hosted in our local VOD system.

Yet another #OpenBSD and #Wireguard user that don’t even know about it. She only knows that she uses a #VPN and that it’s not NordVPN.

#RunBSD

Compiling #lemmy on an #alpine #lxc container running in my #homelab #proxmox over my #wireguard tunnel while waiting for my fast food order is clearly a new level of whatever it is .

Alt...

Photos of MacBook resting on a car dashboard with a proxmox interface open on it you can see a black screen with white and green line with an arrow showing a fifty percent progress

Des idées d'outils qui peuvent être utilisés pour contourner les blocages en #Russie ?

P.S.: #Wireguard & #Shadowsocks ne passent pas.

#autohebergement