On 9/5/18 8:44 AM, Bill Kenworthy wrote: > On 05/09/18 20:15, james wrote: >> So, I need to be able setup and tear down a 4-component network. >> Sometimes all (4) systems will be in the same location, probably about >> 50% of the time. >> >> My (3) personal systems are: >> (1) gentoo laptop (Open RC if that matters) >> (1) window-7 laptop >> (1) Android Cell (galaxy note 9) >> >> These (3) are with me most about 70% of the time, but >> often they will be in different locations hundreds of miles apart. >> >> >> (1) The corporate windows workstation/server. (always stationary). >> (4) Total, often just the the (3) systems on this transient net. >> >> >> So, my research suggest that WireGuard might be best because most of >> what I'm moving around is a wide variety of image types, as well as >> video and 3D/4D files and binaries for odd-ball embedded devices, of a >> wide variety. Eventually the file movement will be mostly automated >> (scripted). WireGuard purports to have the most bandwidth capabilities >> and some of these file_sets will be in the gigabyte range often. >> >> >> I've found lots to read and noodle with, but I'm curious what (gentoo) >> folks would suggest. For starters it cannot use an outsourced VPN; >> that's dictated by others. So a "home-spun VPN" is warranted. >> >> >> From others :: >> "But WireGuard being awesome is old news. The new news is that now >> there�s an easy way to integrate it into Android ROMs and kernels. " >> >> >> >> https://opensource.com/article/18/8/open-source-tools-vpn >> >> https://www.wireguard.com/install/ >> >> https://github.com/max-moser/network-manager-wireguard >> >> https://forum.xda-developers.com/android/development/wireguard-rom-integration-t3711635 >> >> >> Those are a few links I found, but I really want a gentoo centric >> method. Others suggests, for custom ROMs, to anything to secure the >> Android phone and get rid of the "crap apps" would be most welcome. If I >> cannot get rid of them I'd like a systematic way to bury those pesky >> Android apps that pedestrian use, down the tree somewhere. I guess what >> I'm trying to say is once I get the (4) devices working, I'll be testing >> a variety of way to setup Android or embedded gentoo on that Android >> Galaxy-9 so I control the stack, it can deeply sniffed, either on the >> internal device or on external ports, via Deep Packet Inspection codes >> on the ports via other microprocessors running embedded gentoo. >> >> Use Gentoo prefix? >> >> An android experimental stack? >> >> I have a second cell phone so I can do whatever I need to with the >> Android Galaxy Note 9. Jtag or other low level hardware programmers are >> of keen interest; mandatory. Perhaps Samsung or another vendor sells the >> hardware programming equipment? 5G bandwidth is definitely front and >> center, when and where it's available, but ignored for now or until >> those phones are available. >> >> >> Discussion, ideas and suggestions are most welcome. >> >> >> curiously, >> James >> > Have not used wireguard. > > all running over port 443 > > openvpn for linux/android > > proxytunnel on windows to stunnel on a linux server for the corporate > network. > > Use the sslh multiplexor to control and switch incoming ssl. > > Unfortunately I have some difficult networks to get out of.� Performance > is ok for gentoo distfile download from my repo, but I have not tried > super large files. > > > BillK
Thanks BillK. I'll test this and post-back. I'm going to test a variety of suggestions, with deference to a gentoo-centric solution. James
