Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


β€Ί AMD EPYC NAT VPS| 256MB - 2GB | SIngapore πŸ‡ΈπŸ‡¬ Netherlands πŸ‡³πŸ‡± New York πŸ‡ΊπŸ‡Έ - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

AMD EPYC NAT VPS| 256MB - 2GB | SIngapore πŸ‡ΈπŸ‡¬ Netherlands πŸ‡³πŸ‡± New York πŸ‡ΊπŸ‡Έ

2Β»

Comments

  • Awesome network & support from here, only a 1ms delay from my home network in NY :o

    Thanked by 1Abd
  • brueggusbrueggus Member, IPv6 Advocate

    @Moofie said:
    Awesome network & support from here, only a 1ms delay from my home network in NY :o

    Pics or it didn't happen.

  • @Abdullah7310 said:

    @Learntolive said:
    wireguard works ? allowed ?

    Yes, it works & is allowed, recommend using nyr install script makes it super easy, though you can also install manually.

    I believe Wireguard can not run on OpenVz 7.

    I tried to use Angristan Wireguard installer and it did not allow me to install on Openvz.

  • PilzbaumPilzbaum Member
    edited October 2020

    @Fritz You are semi correct.
    While wireguard doesn't directly work on OVZ (due to kernel stuff), you can use the golang wireguard-go implementation (you would need to compile it yourself)

    EDIT: Maybe @Abdullah7310 enabled the wireguard kernel module on the host, you could then use it by only installing the wireguard-tools.
    For debian this could go as the following:

    echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable-wireguard.list
    printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable
    apt update
    apt install --no-install-recommends wireguard-tools
    
    Thanked by 1Abd
  • AbdAbd Member, Patron Provider

    Thanks @Pilzbaum
    I should have been more clear when answering, while wireguard kernel module can be loaded, all our users have been using wireguard-go implementation & boringtun; these also being NAT vps, there has been no demand to install wireguard kernel module.

    Most users who use scripts have been happy using nyr's easy script. Thanks @Nyr

    @Fritz you can try wireguard-go...or use the easy nyr script with boringtun implementation.

    Cheers!

  • Currently running wireguard on Ubuntu 18.04 in AMS with Webhorizon

    1. Enable TUN/TAP through the control panel.
    2. Enable IPv4 forwarding in /etc/sysctl.conf. If you are going to use wireguard with ipv6 addresses, enable IPv6 forwarding too.
    net.ipv4.ip_forward = 1
    net.ipv4.conf.all.forwarding = 1
    net.ipv6.conf.all.forwarding = 1
    
    1. Compile and install boringtun or wireguard-go, as the nodes run on a 3.10 kernel, which does not support native wireguard kernel module. (Take a look at https://d.sb/2019/07/wireguard-on-openvz-lxc for some info about compiling wireguard-go)
    2. Install wireguard-tools (comment above from @Pilzbaum). On Ubuntu 18.04/20.04, it is in the Ubuntu repos, so no need to add any extra apt sources.
    3. If using boringtun, modify the /lib/systemd/system/[email protected] systemd file to add these lines in the [Service] section
    Environment=WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD=1 
    Environment=WG_QUICK_USERSPACE_IMPLEMENTATION=boringtun
    Environment=WG_SUDO=1
    
    1. If using wireguard-go, no modification is needed.
    2. Enable and start wireguard once the conf files are created:
    sudo systemctl enable wg-quick@wg0
    sudo systemctl start wg-quick@wg0
    
    Thanked by 1Abd
  • FritzFritz Veteran
    edited October 2020

    @Abdullah7310 said:
    Thanks @Pilzbaum
    I should have been more clear when answering, while wireguard kernel module can be loaded, all our users have been using wireguard-go implementation & boringtun; these also being NAT vps, there has been no demand to install wireguard kernel module.

    Most users who use scripts have been happy using nyr's easy script. Thanks @Nyr

    @Fritz you can try wireguard-go...or use the easy nyr script with boringtun implementation.

    Cheers!

    I see.

    In that case, I would prefer to use Wireguard with boringtun rather than Wireguard-go, as Go Language is not so good for raw packet processing, which a VPN essentially does (wireguard-go falls very short of the performance offered by the kernel module).

    @Abdullah7310

    So, can I assume you are able to support all these three options for your service?

    Thanked by 1Abd
  • @Pilzbaum said:
    @Fritz You are semi correct.
    While wireguard doesn't directly work on OVZ (due to kernel stuff), you can use the golang wireguard-go implementation (you would need to compile it yourself)

    EDIT: Maybe @Abdullah7310 enabled the wireguard kernel module on the host, you could then use it by only installing the wireguard-tools.
    For debian this could go as the following:

    echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable-wireguard.list
    printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable
    apt update
    apt install --no-install-recommends wireguard-tools
    

    Noted.

  • AbdAbd Member, Patron Provider

    @Fritz
    Aye you are correct! Recommend using boringtun for performance.
    About loading kernel module - wg works fine with boringtun.
    Unless there are handful of users demanding the kernel module, enabling it may not make sense.

    Thanks!

  • AbdAbd Member, Patron Provider

    Nice guide @jnraptor can I use it somewhere in my knowledge base articles about installing VPN? :) , planning to write some.

  • @Abdullah7310 said:
    Nice guide @jnraptor can I use it somewhere in my knowledge base articles about installing VPN? :) , planning to write some.

    Sure, no problem :)

    Thanked by 1Abd
  • can't wait til BF

  • @chocolateshirt said: Of course you can.. You could use Nyr wireguard install script.

    well done. I got one VPS services

    Thanked by 1chocolateshirt
Sign In or Register to comment.