VPN options

Christoph Harder shadowomf at arcor.de
Tue Jun 23 14:56:01 PDT 2020

Hello again,

I hope this is suitable for the DragonflyBSD-users list.

Since IPSEC was removed from DragonflyBSD I'm looking for alternatives to set up a VPN (Site-to-Site with multiple sites, dynamic public addresses).
I've found OpenVPN, wireguard and tinc, all look like they are available on DragonflyBSD.

Anyway, has anybody used two or more of the available options and can recommend one over the other(s)?
How well are they maintained? How well supported on DragonflyBSD? How stable are they?
What about performance / power requirement? I don't need to saturate a 1 or 10 gigabit link, probably not even a 100 mbit link, but keeping the CPU usage low would be nice.
Security, well probably hard to estimate. But maybe you have some experience regarding their configuration and the options they provide or they are missing (e.g. state of the ciphers they are offering).

I have a mixed feeling about OpenVPN, mainly from past experiences, probably not warranted.
tinc does look interesting, since it doesn't need dynamic DNS for all sites, just one would suffice.
But it looks like Wireguard is more active developed has a bit more momentum.

Thank you in advance for any opinion you can provide.

Best regards,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xA362479F3F0ADC06.asc
Type: application/pgp-keys
Size: 1440 bytes
Desc: not available
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20200623/38f6a836/attachment-0006.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 313 bytes
Desc: OpenPGP digital signature
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20200623/38f6a836/attachment-0007.bin>

More information about the Users mailing list