Cool, thank you!
On Thu, Sep 7, 2017 at 1:49 PM, Tobias Klauser <tklau...@distanz.ch> wrote:
> On 2017-09-06 at 21:33:39 +0200, sandman <snl20...@gmail.com> wrote:
> > Hi Tobias
> > Thanks for your work on curvetun! I just exploring it and I wanted to
> > with you on potential usage. Would help me a great deal if you can help
> > with me with following queries.
> In general, please ask these kinds of questions on the netsniff-ng
> mailing list https://groups.google.com/forum/#!forum/netsniff-ng
> That way you're more likely to get your question answered by someone who
> might have already done something similar and other people will also
> benefit from the answers.
> I Cc'ed my reply to the list.
> > My use case:
> > I am looking at building a lightweight packet forwarder (much like rpcapd
> > from wireshark/winpcap suite) but with end to end encryption. Basically a
> > soft network tap using which I can capture packets on a production
> > and send them out securely to another machine and analyze them for
> > anomalies.
> > After having ruled out rpcapd due to instability and lack of encryption.
> > am currently evaluating between tinc and curvetun to act as secure tunnel
> > over which I can ship captured packets.
> > 1. How does curvetun compare to tinc (or openvpn for that matter) on
> > performance front? Any high level ideas here? On performance, do you
> > my approach will fly or I should take something like rpcapd and add
> > encryption on top of that?
> I haven't used tinc or looked at it in depth, so I cannot really say
> much about how it compares w.r.t. performance. I'd suggest, you just try
> it out with a small test setup to get a high level picture.
> If performance is of concern you might also want to look at Wireguard
> , which is an in-kernel VPN implementation designed for performance
> and ease-of-use. Though, it is not yet in the mainline kernel AFIAK.
>  https://www.wireguard.com
> > 2. As you can see, I will be transferring packets from N production
> > to 1 analysis server, is this use case supported? I think it is.
> Yes, this is supported by curvetun. The analysis server would run
> curvetun in server mode and the N production servers would each run
> curvetun in client mode.
> > 3. Any ready to use docker images of curvetun you can point to would be
> > great too.
> There is a docker image for the netsniff-ng toolkit from the OpenNSM
> group on docker hub . It doesn't seem to contain curvetun though, but
> you might want to send them a pull request  to add it ;)
>  https://hub.docker.com/r/opennsm/netsniff-ng/
>  https://github.com/open-nsm/ContainNSM
> Hope that helps
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
For more options, visit https://groups.google.com/d/optout.