search for: wireguards

Hello everybody, I saw Guus already had contact with Jason over email. What do you guys tinc of wireguards, are there advantages? Jason seems to have a good grip of what he is talking about. https://fosdem.org/2017/schedule/event/wireguard/attachments/slides/1675/export/events/attachments/wireguard/slides/1675/wireguard_slides.pdf https://fosdem.org/2017/schedule/event/wireguard/ Kind regards, Jell...

On 5 February 2017 at 05:36, Jelle de Jong <jelledejong at powercraft.nl> wrote: > What do you guys tinc of wireguards, are there advantages? Jason seems to > have a good grip of what he is talking about. Well if it's kernel only, that rules out anything not Linux, at lest at the moment. I know that may have a big share, but I find that limit. I understand it being in the kernel is attractive because it...

Hi Jared, I've seen the same while testing on digital ocean, I think it's the context switching that happens when sending a packet. I've done some testing with wireguard and that has a lot better performance but it's still changing quite a lot and only does a subset of what tinc does so probably not a stable solution. Martin On Wed, 17 May 2017 at 18:05 Jared Ledvina <jared at

On Sat, Oct 15, 2022 at 12:21:41PM -0700, syzbot wrote: > Hello, > > syzbot found the following issue on: > > HEAD commit: a1b6b102df03 Merge branch 'phylink_set_mac_pm' > git tree: net > console output: https://syzkaller.appspot.com/x/log.txt?x=179af0c2880000 > kernel config: https://syzkaller.appspot.com/x/.config?x=85495c44a2c25446 > dashboard

Solution is really simple. Since this server is dual-homed ( 2 nic's ), i suggest setup advanced routing tables. The short version of howto setup. edit /etc/iproute2/rt_tables and Add : 10 OfficeLan 20 InternetWan Lookup the routing tables: ip route show table OfficeLan ip route show table InternetWan The default gateway's is to the internet. ( change ethX to you network interface

Hello, I am trying to figure out, whether there are any best practices how to run a Samba AD DC in a container. First of all: why a container? Because obviously containers require less resources and are easier to update than multiple linux systems ? and I want to spend some of the savings into redundancy (multiple DCs, also distributed to serve different locations). Googling around I found

Am 10.12.24 um 09:28 schrieb Luis Peromarta via samba: > From my experience, create the DC in the new office. Join domain. > > Using the mmc Sites and Sevices from a windows workstation, create new site and assign network. > > You can choose to rename the default site or create new site and assign network there. This is not necessary. > > I don?t recall doing anything

From my experience, create the DC in the new office. Join domain. Using the mmc Sites and Sevices from a windows workstation, create new site and assign network. You can choose to rename the default site or create new site and assign network there. This is not necessary. I don?t recall doing anything else. On 10 Dec 2024 at 08:06 +0000, Stefan G. Weichinger via samba <samba at

Greetings! after all these years of running Samba I am still learning and having to learn more :-) I am trying to research howtos and docs, but from my experience it sometimes would have been better to ask BEFORE trying things. So: At a customer we happily run 2 samba-AD-DCs for one single AD domain, on one geographical site, in one single IP subnet. (using samba-4.21.2 as I write this)

> * What are pros and cons of container vs. VMs? Same as any other containerized setup. We've been running our Samba DCs and file servers in nspawn containers (similar to LXC) for a couple of years, no container-specific issues yet. Though I'm not sure if docker is the right tool for the job; samba as a fat daemon running a bazillion subprocesses orchestrated by a persistent database

Hello, I need to build a VPN, and I am not sure if tinc is the right tool to use. I am more familiar with OpenVPN. I have a few boxes at home, behind a router with a dynamic IP address. Those boxes host some services, like web sites, for instance. I have a server hosted online, with a few IPv4 and IPv6 addresses. All addresses being static, of course. I am planning to use tinc on Debian, to

Niklas - Thanks! Yeah, your Github issue was very useful for me to understand what is probably causing our issue (the syscall chain done on every UDP packet). Very interesting that you're able to see around 90% of a Gig line on bare metal. Were you ever able to make any further progress on adjusting Tinc based on the investigation in https://github.com/gsliepen/tinc/issues/110 ? Martin -

https://bugzilla.mindrot.org/show_bug.cgi?id=3780 Bug ID: 3780 Summary: connecting using KexAlgorithms list fails without spaces Product: Portable OpenSSH Version: 9.9p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh

Hey all, So I do some development based on openssh and I'm trying to think of some new projects that might extend the functionality, feature set, user workflow, performance, etc of ssh. So open ended question: Do any of you have a wish list of things you'd like to see in ssh? Mostly I'm just curious to see what the larger community is thinking of rather than being driven

Hello everybody, First a big thanks for tinc-vpn I am still using it next to wireguard and openvpn. I am having a setup where the tinc debian appliance is at 100% cpu load doing about 7.5MB/s. Compression = 9 PMTU = 1400 PMTUDiscovery = yes Cipher = aes-128-cbc How can I pick a cipher that is the fasted for my CPU and don't create a CPU bottleneck at 100%. Kind regards, Jelle de Jong

v5: - Break the btrfs patch out as a separate patch to be processed independently. - Update the commit log of patch 1 to make it less scary. - Add a kzfree backward compatibility macro in patch 2. v4: - Break out the memzero_explicit() change as suggested by Dan Carpenter so that it can be backported to stable. - Drop the "crypto: Remove unnecessary

I once filed this issue and did an investigation on high CPU load on cloud instances that might be relevant to this topic: https://github.com/gsliepen/tinc/issues/110 If I remember correctly I found that AWS EC2 instances have this problem less than DigitalOcean instances. On bare metal machines with tinc 1.0 and aes-128-cbc, I can get 90% of gigabit line speed over tinc. On 17/05/17 19:17,

Hi Andrê, So by nodes I assume you mean the "boxes". I would suggest each "box" gets it's own tinc node(with a static ip) and then on the server it should be a matter of pointing at the ip address of the appropriate box tinc ip address. I've done this myself with WireGuard and it works great. On Mon, Nov 25, 2019 at 7:14 AM André Rodier <andre at rodier.me>

No issue, sync will continue next time network is up. On 10 Dec 2024 at 13:57 +0000, Stefan G. Weichinger <lists at xunil.at>, wrote: > > Anything to think of in terms of connectivity and syncing ... over the > VPN? The wireguard vpn should be rather stable, but is it any problem if > there are interruptions now and then? I think of power failures or > problems at the internet

As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or