OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • 24.1 Legacy Series »
  • 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« previous next »
  • Print
Pages: [1]

Author Topic: 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support  (Read 2385 times)

GuruLee

  • Newbie
  • *
  • Posts: 19
  • Karma: 2
    • View Profile
23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« on: January 21, 2024, 02:28:20 pm »
I'm being advised by Zenarmor to upgrade for the wireguard kernel mode netmap support, so I can effectively protect my wireguard interface.

Has anyone upgraded to 24.1 RC1 to test this and how stable is it?


Sent from my SM-N986U using Tapatalk

Logged

Seimus

  • Hero Member
  • *****
  • Posts: 613
  • Karma: 60
    • View Profile
Re: 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« Reply #1 on: January 27, 2024, 02:04:31 am »
I was waiting for this implementation too,

If I will have time over this weekend I will test it out.

Regards,
S.
Logged
Networking is love. You may hate it, but in the end, you always come back to it.

OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G - VM HA(SOON)
N100   - i226-V | Crucial 16G  4800 DDR5 | S 980 500G - PROD

GuruLee

  • Newbie
  • *
  • Posts: 19
  • Karma: 2
    • View Profile
Re: 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« Reply #2 on: January 31, 2024, 12:04:23 pm »
I upgraded last night to 24.1 and no known issues so far.
I can now see Wireguard Internet egress traffic in Zenarmor, so I'm happy

Sent from my SM-N986U using Tapatalk

Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17709
  • Karma: 1618
    • View Profile
Re: 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« Reply #3 on: January 31, 2024, 12:38:02 pm »
It's still being worked on so I'd label it "experimental" for now. Use it with a grain of salt.


Cheers,
Franco
Logged

Seimus

  • Hero Member
  • *****
  • Posts: 613
  • Karma: 60
    • View Profile
Re: 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« Reply #4 on: January 31, 2024, 01:37:36 pm »
Thanks GuruLee,

I was not unable to upgrade over the weekend.

@franco
By your definition of "experimental" you mean its experimental till all the bugs will not be catched out? If yes do you know about some potential issues? Just curious here.

Regards,
S.

Logged
Networking is love. You may hate it, but in the end, you always come back to it.

OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G - VM HA(SOON)
N100   - i226-V | Crucial 16G  4800 DDR5 | S 980 500G - PROD

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17709
  • Karma: 1618
    • View Profile
Re: 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« Reply #5 on: January 31, 2024, 02:50:17 pm »
It's still being worked on by Zenarmor/Klara for FreeBSD inclusion and there have been some reports of lockups in internal testing.


Cheers,
Franco
Logged

GuruLee

  • Newbie
  • *
  • Posts: 19
  • Karma: 2
    • View Profile
Re: 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« Reply #6 on: February 02, 2024, 07:09:04 pm »
Quote from: franco on January 31, 2024, 12:38:02 pm
It's still being worked on so I'd label it "experimental" for now. Use it with a grain of salt.


Cheers,
Franco
So therefore we should exercise caution if we're on the fence with purchasing Zenarmor subscription for wireguard support

Sent from my SM-N986U using Tapatalk

Logged

johnmcallister

  • Newbie
  • *
  • Posts: 41
  • Karma: 5
    • View Profile
Re: 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« Reply #7 on: February 02, 2024, 11:27:13 pm »
Quote from: GuruLee on January 31, 2024, 12:04:23 pm
I upgraded last night to 24.1 and no known issues so far.
I can now see Wireguard Internet egress traffic in Zenarmor, so I'm happy

Sent from my SM-N986U using Tapatalk

I also upgraded to 24.1_1 and so far my 2 different Wireguard tunnels are working smoothly without any problems. (2 instances, with 1 peer per instance, the peers being different servers on unrelated networks.)
Logged

Seimus

  • Hero Member
  • *****
  • Posts: 613
  • Karma: 60
    • View Profile
Re: 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
« Reply #8 on: February 03, 2024, 05:07:48 pm »
So I did today the upgrade to Major 24.1,

The Very experimental netmap driver on WG works very well in my opinion at least on 1st look.
I can see all statistic, connections and all related to WG from prespective of ZENARMOR. Performance looks good as well. I will keep an eye on this if from long run perspective it will not do some goofiness.

Franco many thanks to you and your team to taking the time and implementing this.

Regards,
S.
Logged
Networking is love. You may hate it, but in the end, you always come back to it.

OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G - VM HA(SOON)
N100   - i226-V | Crucial 16G  4800 DDR5 | S 980 500G - PROD
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • 24.1 Legacy Series »
  • 23.7.12 >> 24.1 RC1 Wireguard kernel mode netmap support
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2