Re: DMVPM appreciation

2016-12-03 Thread John Huttley
Hmm... Really good high level theory ... > Don't forget we need two more things: > * A --> C (over UDP) > * C --> A (over UDP) >Throw a few weird NAT/PAT and other ACLs in between and try again. In one direction there is no need, because that's how we established the tunnel. See below, we

Re: DMVPM appreciation

2016-12-03 Thread Kalin KOZHUHAROV
Hmm... Really good high level theory ... On Sun, Dec 4, 2016 at 3:07 AM, John Huttley wrote: > So lets consider a simplified case > A <-> B <-> C > > A is sending a lot of data to C. > > Policy triggers starting a direct A <-> C tunnel. > > We need public key and

Re: [PATCH v2 1/1] add dkms configuration file dkms.conf

2016-12-03 Thread Jason A. Donenfeld
I like the general idea here of including dkim in WireGuard now, since basically all distros use it and ship the exact same logic. By putting it in WireGuard itself, I can provide maintenance over the interworkings, which will be helpful for downstream. Another thing I can do is handle the

Re: DMVPM appreciation

2016-12-03 Thread Dave Taht
I agree that wireguard is potentially a good substrate for what you describe. There are messy details. My personal goal is to also get it to do good congestion control (adding fq_codel) next year while thinking hard about the problems that tor had in that department. On Sat, Dec 3, 2016 at

DMVPM appreciation

2016-12-03 Thread John Huttley
When Wireguard was first announced, there were several comments like "Can you do DMVPM?" So What is DMVPN? Do we care? Can we do it better? DMVPN http://www.cisco.com/c/en/us/products/security/dynamic-multipoint-vpn-dmvpn/index.html Is a Cisco product to lets spokes create spoke-to-spoke links

[PATCH v2 1/1] add dkms configuration file dkms.conf

2016-12-03 Thread Christian Hesse
From: Christian Hesse This add dkms configuration file dkms.conf and target in Makefile to update the version. Signed-off-by: Christian Hesse --- src/Makefile | 14 ++ src/dkms.conf | 11 +++ 2 files changed, 21 insertions(+), 4 deletions(-)

[PATCH 1/1] add dkms configuration file dkms.conf

2016-12-03 Thread Christian Hesse
From: Christian Hesse This add dkms configuration file dkms.conf and target in Makefile to update the version. Signed-off-by: Christian Hesse --- src/Makefile | 14 ++ src/dkms.conf | 11 +++ 2 files changed, 21 insertions(+), 4 deletions(-)

[PATCH 1/1] include tests/debug.mk only if exists

2016-12-03 Thread Christian Hesse
From: Christian Hesse DKMS packages do not contain tests/debug.mk, so do not include if it does not exist. Signed-off-by: Christian Hesse --- src/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Makefile b/src/Makefile index 20947ac..370c2ea