This article reads like every other defense of the old against the disruptive new. It can almost be found page for page in The Innovator's Dilemma.<p>It is rooted in a lack of imagination. The entire argument is basically that because this network does not do exactly what Cisco and the big VPN vendors do, with large enterprise deployments and bare-metal machines and thousands of end-node clients, it will not displace them.<p>That’s like arguing that streaming will not displace CD-ROMs, because streaming cannot be rotated in a disc drive at a sufficient speed. The author acknowledges containers, but disregards the growth of zero-trust networking and evergreen deployment models.<p>Technologies like Tailscale and ZPA, Docker and Snap, and immutable operating systems are being quickly adopted. These change the equation to the point that traditional approaches around Zscaler may feel as obsolete as a 5.25" floppy in a CD-ROM world.
People have spent a year dunking on this article, because it is bad. I just want to jump in with a quick dunk/aside about cryptographic primitives.<p>The article tries to argue that the cryptography in IKEv2 and IPsec is comparable to that of WireGuard. After all, there are RFCs for Curve25519 in IKEv2, and Chapoly in IPsec.<p>This pattern of argument frustrates the hell out of me. You see it all the time in discussions about PGP as well, where any conceivable cryptographic primitive has either been standardized or POC'd somewhere in the ecosystem. Leave aside interoperability (nonexistent) and negotiation (dangerous). The argument still doesn't hold!<p>Just because you've got a Curve25519 formula somewhere in your design doesn't mean it's directly comparable with anything else that uses Curve25519. The tricky bits are in the joinery, not in the primitives. WireGuard does a NoiseIK-based triple DH handshake --- it performs an authenticated key exchange, one that MITMs can't intercept, using only the DH primitive. In the closest comparable mode of deployment, IKEv2 uses digital signatures to authenticate exchanges, backed by X509(!) certificates. IKEv2's AKE is much more complicated, hard to assess for security on its own terms, and implicates some giant historic security nightmare code paths. Avoiding those code tar pits is explicitly part of the security design of WireGuard.<p>Nobody should concede the point that IPsec allows users to opt in to WireGuard-level crypto modernity. You can't just swap Curve25519 for Diffie-Hellman Group 14 and call it a day. You should be skeptical of people who make claims that you can.
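The "joinery, not primitives" point in the comment above is easier to see in code. The following is an added example, written for this page; it is not the commenter's code and not WireGuard's implementation. It runs an IK-style triple-DH handshake over a textbook RFC 7748 X25519 (plain Python integers, not constant-time), with a toy BLAKE2s KDF and a confirmation tag. The message fields, the KDF layout, the "responder-confirm" label and sending the initiator's static key in the clear are all my simplifications; real WireGuard uses Noise_IKpsk2 with an HKDF chain, encrypts that static key, and adds timestamps, MAC1/MAC2 and cookies. What it does show is the property the comment describes: the session key is authenticated by which DH outputs each party can compute, with no signature anywhere, so an on-path attacker who knows both public keys still cannot forge the responder's reply. The `x25519` function can be checked against the vectors in RFC 7748 section 6.1.

```python
import os
import hmac
import hashlib

# --- X25519 as specified in RFC 7748 (Montgomery ladder). Plain-Python integer
# arithmetic, deliberately not constant-time: illustration only, never production.
P = 2**255 - 19
BASEPOINT = (9).to_bytes(32, "little")


def _clamp(scalar: bytes) -> int:
    k = bytearray(scalar)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def x25519(scalar: bytes, point: bytes) -> bytes:
    k = _clamp(scalar)
    x1 = int.from_bytes(point, "little") & ((1 << 255) - 1)  # mask the top bit
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = pow(da + cb, 2, P), x1 * pow(da - cb, 2, P) % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def keypair():
    priv = os.urandom(32)
    return priv, x25519(priv, BASEPOINT)


def kdf(*dh_outputs: bytes) -> bytes:
    # Toy KDF (my simplification): hash the DH outputs in a fixed order.
    # WireGuard's real construction is an HKDF chain with Noise-style labels.
    return hashlib.blake2s(b"".join(dh_outputs), digest_size=32).digest()


# --- IK-style triple DH. The initiator already knows the responder's static
# public key S_r (it is in the peer config); the responder knows which S_i it accepts.
def initiator_hello(S_i: bytes):
    e_i, E_i = keypair()
    # Real WireGuard encrypts S_i under a key derived from DH(e_i, S_r);
    # it is sent in the clear here to keep the example short.
    return {"E_i": E_i, "S_i": S_i}, e_i


def responder_reply(s_r: bytes, allowed_peers: set, hello: dict):
    if hello["S_i"] not in allowed_peers:
        raise ValueError("unknown peer")
    e_r, E_r = keypair()
    key = kdf(x25519(s_r, hello["E_i"]),  # es: needs s_r, authenticates responder
              x25519(s_r, hello["S_i"]),  # ss: needs s_i or s_r, authenticates initiator
              x25519(e_r, hello["E_i"]))  # ee: fresh per session, forward secrecy
    tag = hmac.new(key, b"responder-confirm", hashlib.blake2s).digest()
    return {"E_r": E_r, "tag": tag}, key


def initiator_finish(s_i: bytes, e_i: bytes, S_r: bytes, reply: dict) -> bytes:
    key = kdf(x25519(e_i, S_r), x25519(s_i, S_r), x25519(e_i, reply["E_r"]))
    expected = hmac.new(key, b"responder-confirm", hashlib.blake2s).digest()
    if not hmac.compare_digest(expected, reply["tag"]):
        raise ValueError("responder could not prove knowledge of s_r")
    return key


def honest_run():
    """Both sides derive the same 32-byte key without any signature."""
    s_i, S_i = keypair()
    s_r, S_r = keypair()
    hello, e_i = initiator_hello(S_i)
    reply, k_r = responder_reply(s_r, {S_i}, hello)
    k_i = initiator_finish(s_i, e_i, S_r, reply)
    return k_i, k_r


def mitm_attempt() -> bool:
    """Attacker knows S_i and S_r (they are public), sits on the wire and
    impersonates the responder with its own ephemeral key. Returns True if the
    initiator rejects the forged reply."""
    s_i, S_i = keypair()
    _s_r, S_r = keypair()
    hello, e_i = initiator_hello(S_i)
    e_a, E_a = keypair()
    # The attacker can compute ee with its own ephemeral, but es and ss both
    # require s_r (or s_i), so those two KDF inputs can only be guessed.
    guessed_key = kdf(b"\x00" * 32, b"\x00" * 32, x25519(e_a, hello["E_i"]))
    forged = {"E_r": E_a,
              "tag": hmac.new(guessed_key, b"responder-confirm", hashlib.blake2s).digest()}
    try:
        initiator_finish(s_i, e_i, S_r, forged)
    except ValueError:
        return True
    return False
```

The thing to notice is which private key each DH term needs: `es` and `ss` cannot be produced without the responder's `s_r`, so "being the responder" is proven by the ability to compute the key at all, and the tag merely surfaces that. Contrast IKEv2's comparable mode, where the equivalent proof is a signature over the exchange verified against a certificate chain, and everything in that chain's parsing and validation is now part of the handshake's attack surface.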
If you can excuse me linking to our own blog, a response: <a href="https://tailscale.com/blog/why-not-why-not-wireguard/" rel="nofollow">https://tailscale.com/blog/why-not-why-not-wireguard/</a>
Looks like the article argues that because WireGuard tries to do one specific thing and do it well, without doing all the other things, it is doomed to fail. Unlike all those other technologies (IPsec, OpenVPN) that do a gazillion different things and are not even supported as a standard across the various operating systems and vendor devices.<p>Idk, seems like someone is trying very hard to defend their solution by vaguely throwing empty criticism at a new technology. Not even very convincingly.<p>From time to time someone can write a critique about X that actually touches on the bad parts, but this article is not it.
This hilarity is written by the same person/team that writes IPFire. This is a Linux firewall that supports a maximum of 4 interfaces. Yup. 4.
You want a 5th interface? Sorry. Doesn't support that.<p>That alone should tell you everything you need to know here.
<i>"There is no chance the big vendors like Cisco, Juniper, etc. will pick up WireGuard. They do not jump onto trains like this unless there is a big necessity."</i><p>Cisco's VPN currently sets its interface metric at the highest priority, ensuring that things like running docker containers or WSL/VirtualBox/Qemu/etc instances can't talk to anything once the vpn is up. It also watches for you trying to manually fix it with route insertions and fights you.<p>So, yeah, they aren't even jumping onto old trains, like "developers use internal private networks so please don't bork them up".
> Unfortunately there are some exceptions out there. Everyone who has ever tried to create an IPsec tunnel to an OpenBSD machine can probably tell a tale of that.<p>It’s clear to me from this alone that the author of this article has never had the misfortune of trying to get <i>any</i> two network appliances from <i>any</i> two different vendors to establish an IPsec tunnel. It’s a certifiable nightmare and I have lost entire weeks of my life in the past to trying and often failing.<p>The IPsec suite has a <i>vast</i> surface area and it is significantly harder for any one person to understand compared to something like WireGuard, which is, above most other things, simple. In an ideal world, IPsec might be easy “if it’s done right” but it’s <i>incredibly</i> difficult to debug what is happening when IPsec goes wrong. There are so many moving parts, competing specifications, buggy implementations and, for every tunable, there’s a whole heap of hidden complexity.<p>The industry likes to appoint Cisco, Juniper etc. as if they are some kind of gold standard for some reason. They are certainly among the best in the league tables for the highest number of bugs per config line if nothing else.
Not a very convincing rebuttal? It basically is ‘some features are not yet implemented (but in the backlog) and big corp router vendors don’t support it yet, therefore it is never going to work’.<p>Also, being a user of IPFire: they are far from stable and it feels a bit like projection.
Come on, I'm exactly using it on a dynamic IP, but with a caveat: it's a forwarded port on the firewall to a machine on the private network which runs wg. That's how I remotely connect to my HomeAssistant installation. So just run it on localhost or a private IP and redirect the port from the dynamic IP.<p>I had to do this because I lost my patience while configuring OpenVPN on my Mikrotik router. Wg by contrast was very easy to install, a plugin on HA, and a QR code on my phone. No copying keys, no config, no BS. Can't wait for it to be included in RouterOS.<p>The only issue I had with it running on a VM was that the VPN would randomly fail for some obscure reason and I was left with a frozen terminal in the middle of an ssh session. So I switched to an existing OpenVPN installation on bare metal which works flawlessly. I need the VPN exactly because my IP changes at every PPPoE session, so I can't use IP-based ssh access.<p>Who cares if Cisco is not using it? Most commercial VPNs are junk or insecure anyway (PPTP I'm looking at you). They'll have to provide it when everyone uses it, just like they did with ssh.
Can anyone speak to the performance and power efficiency of ChaCha20 on current mobile devices? That seems to be the only convincing technical argument the author makes given AES-NI’s ubiquity.
Previous HN post on this article and the reply post:<p><a href="https://news.ycombinator.com/item?id=22591454" rel="nofollow">https://news.ycombinator.com/item?id=22591454</a><p><a href="https://news.ycombinator.com/item?id=22955607" rel="nofollow">https://news.ycombinator.com/item?id=22955607</a>
Sorry, I want to warn you, the following comment text contains rage and rants, please, do not read it if you don't want to see such things.<p>Every goddamn article I read about wireguard disadvantages contains the following buzzwords: "big vendors", "200 clients", "rolling updates"....<p>Hello, my name is Aine and I want to set up a family VPN. I don't have Cisco, I don't have 200 devices, I don't need rolling updates around the world. I need a simple, fast VPN that will work. And you know what? Wireguard works OK. It's simple, it's fast, it works!<p>Why should I care about "big vendors" or "200 clients"? Why does EVERY article talk about that bullshit?<p>I ask you a personal favor: if you ever write an article about VPN, please, I beg you, explain how it works for small users' use cases, like family usage or small business. I'll tell you why: because "big vendors" and people who need rolling updates of ciphers on 200+ clients all over the world will figure out the pros and cons of different solutions without your article, which is almost the same as the 100500 Google results for "%vpnname disadvantages"
/rant
There are maybe two valid points about WG, but this doesn't make them. There's nothing good that can be said about IPsec vs. WireGuard as the former is stupidly complex and horrible to deal with. Crap article.
To me, the OpenBSD project is the "gold standard" of security. If they [1] consider WireGuard to be a project worthy of importing, then I don't need any random article to convince me otherwise of its security properties.<p>[1] <a href="https://undeadly.org/cgi?action=article;sid=20200622052207" rel="nofollow">https://undeadly.org/cgi?action=article;sid=20200622052207</a>
Big corp router vendors' entire business model is being sidestepped by hyperscaler cloud providers. For a while some customers will continue to buy branded boxes, for a while more some will look to deploy a brand-name VPN or UTM box as a cloud instance within a large public cloud, then one day there will just be an AWS service (or whoever) for it.
And this was one of the big reasons why I moved on from IPFire. That, and it's a bit Mickey Mouse when you get into it. Part is just its size, the rest is dumb stuff like this that keeps it small.
> I have currently no reason to believe that IKE or TLS are intrinsically broken.<p>Okay. Not worth debating.<p>> bitching that Cisco et al won't start using it<p>Sounds like a good way to distinguish between vendors.
WireGuard is hipster crypto. It's for people who think SSH is too user-friendly. It's for people who think every application should ship with a microkernel. It's for people who think that replacing 1000 users' cryptosystems all at the same time is a walk in the park. It's for people who think normal users won't post their private key in a Slack help channel. It's for people who never refresh or revoke a private key. It's for people who think "Enterprise" is a starship, and "Federation" is what the starship belongs to.