On Wed, 5 Jul 2023 at 16:44, Chavdar Ivanov <ci4...@gmail.com> wrote: > > On Wed, 5 Jul 2023 at 16:36, Chavdar Ivanov <ci4...@gmail.com> wrote: > > > > On Wed, 5 Jul 2023 at 16:26, Martin Husemann <mar...@duskware.de> wrote: > > > > > > On Wed, Jul 05, 2023 at 05:10:42PM +0200, logothesia wrote: > > > > Hi folks, > > > > > > > > What does the landscape look like regarding WireGuard? Is it supported > > > > at > > > > all? > > > > > > In -10 and -current it is. I am using it on several machines (mostly with > > > windows peers). > > > > But you have to add 'pseudo-device wg' to you kernel configuration - > > it is not on by default: > > > > # uname -a > > NetBSD ymir.lorien.lan 10.99.4 NetBSD 10.99.4 (GENERIC) #6: Wed Jul 5 > > 12:53:40 BST 2023 > > sysbu...@ymir.lorien.lan:/dumps/sysbuild/amd64/obj/home/sysbuild/src/sys/arch/amd64/compile/GENERIC > > amd64 > > # ifconfig -C > > vether bridge ipsec carp lagg agr pppoe vlan tun tap sl stf ppp lo > > l2tp gre gif npflog > > # grep wg /usr/src/sys/arch/amd64/conf/* > > /usr/src/sys/arch/amd64/conf/ALL:pseudo-device wg > > # VPN tunnel compatible with WireGuard > > I see it is also a module; retracting the above. Just 'modload if_wg' .
however, on aarch64: .. # uname -a NetBSD narvi 10.99.4 NetBSD 10.99.4 (GENERIC64) #1: Sun Jun 18 02:48:45 BST 2023 sysbu...@ymir.lorien.lan:/dumps/sysbuild/evbarm64/obj/home/sysbuild/src/sys/arch/evbarm/compile/GENERIC64 evbarm # ifconfig -C ipsec vether bridge carp pppoe vlan tun tap ppp lo gre gif npflog # ls /stand/evbarm/10.99.4/modules/if_wg if_wg.kmod # modload if_wg modload: if_wg: Operation not permitted ... > > > > > > > > > > > > ifconfig. It is my understanding that wireguard-tools only provides the > > > > userland stuff (i.e., config file reading and so on). > > > > > > You do not even need that, base comes with wgconfig, and "man wg" tells > > > you all about the setup tricks. > > > > > > > Do I have to compile a custom kernel, or enable something somewhere? > > > > > > Did you try "ifconfig -C"? That should list all clonable interfaces > > > and includes "wg" if the kernel knows about it. > > > > > > > Not sure if it matters, but I am running NetBSD/evbarm-earmv6hf 9.3. > > > > > > You might, or load the if_wg kernel module (by adding it to > > > /etc/modules.conf, > > > see "man modules.conf"). > > > > > > Martin > > > > > > > > -- > > ---- > > > > -- > ---- -- ----
