WireGuard goes fully Windows-native with experimental WireGuardNT driver

Forget bendable mobile phones, we're holding out for working mobile phone plushies.

Enlarge / Forget bendable mobile phones, we're holding out for working mobile phone plushies. (credit: Carol Yepes via Getty Images)

The WireGuard VPN project announced a major milestone for its Windows users today—an all-new, kernel-mode implementation of the VPN protocol called WireGuardNT. The new implementation allows for massively improved throughput on 10Gbps LAN connections—and on many WI-Fi connections, as well.

WireGuard (on Windows) and wintun

The original implementation of WireGuard on Windows uses wireguard-go—a userspace implementation of WireGuard written in Google's Go programming language. Wireguard-go is then tied to a virtual network device, the majority of which also lives in userspace. Donenfeld didn't like tap-windows, the virtual network interface provided by the OpenVPN project—so he implemented his own replacement from scratch, called wintun.

Wintun is a definite improvement over tap-windows—the OpenVPN project itself has implemented wintun support, with impressive results (414Mbps over tap-windows vs 737Mbps over wintun). But while using wintun is an improvement over tap-windows, it doesn't change the need for constant context switches from kernel space (where the "real" network stack lives) and userspace (where OpenVPN and wireguard-go both live).

Read 9 remaining paragraphs | Comments



https://ift.tt/3jdBzxP

Comments