WireGuard in pfSense 2.5 Performance

@dirtyfreebooter I'm at the same point. Might be a good time to move away from the one box does it all appliance and the brittleness that can cause when upgrading.

dirtyfreebooter

@jwj sure but i already do that, one nice part of VPN on the firewall, its easy to apply firewall rules to it, though you probably work around that in various ways.

pfSense is nice. the interface is nice and easy. its a good product. Having it do firewall, DNS, DHCP, VPN is pretty nice, especially when you are not in an environment that is needs anything separate, with the hidden cost there of maintaining multiple machines, VMs, etc and keeping them updated.

i just wanted Netgate to be the mature ones here and show they are adults and want the best for FreeBSD and the community as well, and all else could be looked at and forgiven. especially during covid with all the extra stress on folks on all sides.

dirtyfreebooter

@rcmcdonald91 i mean kinda, so scott has to see the other side take the high road before netgate/he will. gross and pathetic is that is the case.

@dirtyfreebooter said in WireGuard in pfSense 2.5 Performance:

Netgate to be the mature ones here and show they are adults

Yup. Two ways to see this. Leadership didn't review the blog post in the context of the other chatter going on or they did and approved it. Not good either way.

[Edited: someone had the good sense to pull Scott Long's last blog post down]

Takes just a moment to break trust. Takes a long time to regain trust once lost.

Netgate isn't going to miss me. I've not spent money with them other than one $100 gold when that was a thing. I'm not going to say they are going to loose revenue generating business, but I will say this isn't going to generate any business for them. I wish them luck. A lot of the people on their payroll are good people and I hope for a good outcome for them.

I already have a multi-layer switch (catalyst 1000-24p-4x) and I could use my current gateway HW for DNS/DHCP and VPN server plus other things in VM's. Maybe get an ISR 931? I'd do it just to learn. It wasn't that many years ago I was still using consumer networking gear. AirPort Extreme...

We'll see. I need to let this soak for a while...

Bob.Dig

Netgate is pissed off and they have good reason for that. But is there really something to learn (in a good way)? I doubt that.
We can only hope, that something better comes out of this, a compromise.

Someone at Netgate had the goodSense(tm) to pull down that last blog post.

mike69

@dirtyfreebooter said in WireGuard in pfSense 2.5 Performance:

https://www.netgate.com/blog/painful-lessons-learned-in-security-and-community.html

Blog is deleted. That's fast. :)

dotdash

@jwj
Uh, nope. Check again. Blog is back up. Technical difficulties cited. Maybe they like that hill?

cmcdonald

This post is deleted!

mike69

@dotdash

Yes. :)
Thanks.

perlenbacher

Jason Donenfeld to the rescue!

https://lists.zx2c4.com/pipermail/wireguard/2021-March/006518.html

jwt

@heper point in fact the “new one” has nearly all the code of the “old one”, but you wouldn’t know it for the marketing, right?

(Point in fact the old one was based on the openbsd one. And this is how open source works, right?)

heper

@jwt is/was this reply intended for someone else?