Alternative to UDP

Philippe Langlois phil at p1sec.com
Mon Feb 19 23:29:42 CET 2018


Dear Eric,

I strongly second Steve's opinion here: if you want this, make it
option-defined, and definitely not the default option.
The case study to look at is SCTP:
https://en.wikipedia.org/wiki/Stream_Control_Transmission_Protocol

While an interesting and useful protocol, SCTP adoption and support are
severely limited by the fact that it is an IP protocol on its own:
SCTP gets dropped in 90% of implementations doing IP packet header
operations (NAT, PCEF, Firewalls, 6to4 ...)

Hope this helps,
Best regards,
Philippe Langlois.
--
http://www.P1security.com
Priority One Security


On Mon, Feb 19, 2018 at 11:15 PM, Steve Gilberd <steve at erayd.net> wrote:

> Hi,
>
> This feels like a bad idea to me - switching to a dedicated protocol would
> remove a small amount of overhead, but comes with a lot of downsides, which
> in my opinion outweigh the minor benefit of removing some of the overhead.
>
> I have a strong preference for the continued use of UDP, because a large
> amount of consumer networking gear can't handle destination NAT for
> anything that isn't UDP or TCP. And even with gear that can, using a
> separate IP protocol would limit clients relying on destination NAT to one
> client machine per public IP.
>
> Cheers,
> Steve
>
>
> On Tue, 20 Feb 2018, 09:20 Eric Dillmann, <lists at jave.fr> wrote:
>
>> Hi,
>>
>> Today I discovered that OVH is limiting UDP rate to 6Mbit/s, I did a test
>> by encapsulating WireGuard in an ip/ip tunnel
>> and got 90Mbit/s.
>>
>> Is there a way to make WireGuard evolve to use its own protocol number?
>>
>> That would prevent the overhead of WireGuard over ipip/gre/vxlan ...
>>
>> Thanks,
>> Regards,
>> Eric
>> _______________________________________________
>> WireGuard mailing list
>> WireGuard at lists.zx2c4.com
>> https://lists.zx2c4.com/mailman/listinfo/wireguard
>>
> --
>
> Cheers,
>
> *Steve Gilberd*
> Erayd LTD *·* Consultant
> *Phone: +64 4 974-4229 · Mob: +64 27 565-3237*
> *PO Box 10019 The Terrace, Wellington 6143, NZ*
>
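Added example (not part of the thread and not WireGuard code): a toy model of a gateway's destination-NAT table, showing the two limits Steve describes for a port-less IP protocol. The `Gateway` class, protocol number 253 (IANA's experimentation value, standing in for a hypothetical dedicated protocol) and all addresses are assumptions constructed for the illustration.

```python
from dataclasses import dataclass
from typing import Optional

TCP, UDP = 6, 17
DEDICATED = 253   # IANA experimentation number; stand-in for a hypothetical own protocol

@dataclass(frozen=True)
class Packet:
    proto: int
    dst_ip: str
    dst_port: Optional[int] = None    # None: the header has no port field

class Gateway:
    """Destination-NAT (port-forward) table of a gateway with one public IP."""
    def __init__(self, public_ip, protos):
        self.public_ip = public_ip
        self.protos = set(protos)     # protocols this gear knows how to rewrite
        self.rules = {}               # (proto, port or None) -> inside host

    def forward(self, proto, inside_host, port=None):
        if proto not in self.protos:
            raise ValueError(f"gateway cannot NAT IP protocol {proto}")
        key = (proto, port)
        if key in self.rules:         # nothing left in the header to tell hosts apart
            raise ValueError(f"{key} is already forwarded to {self.rules[key]}")
        self.rules[key] = inside_host

    def route(self, pkt):
        """Return the inside host for an inbound packet, or None if it is dropped."""
        if pkt.dst_ip != self.public_ip:
            return None
        return self.rules.get((pkt.proto, pkt.dst_port))

def try_forward(gw, proto, host, port=None):
    try:
        gw.forward(proto, host, port)
        return True
    except ValueError:
        return False

def demo():
    # Constructed addresses (RFC 5737 public IP, RFC 1918 inside hosts).
    consumer = Gateway("203.0.113.7", {TCP, UDP})
    capable = Gateway("203.0.113.7", {TCP, UDP, DEDICATED})
    results = {
        "udp_a": try_forward(consumer, UDP, "192.168.1.10", 51820),
        "udp_b": try_forward(consumer, UDP, "192.168.1.11", 51821),
        "dedicated_on_consumer": try_forward(consumer, DEDICATED, "192.168.1.10"),
        "dedicated_a": try_forward(capable, DEDICATED, "192.168.1.10"),
        "dedicated_b": try_forward(capable, DEDICATED, "192.168.1.11"),
    }
    return consumer, capable, results
```

With UDP the destination port is the demultiplexing key, so two inside hosts share one public IP; with a port-less protocol the only key is the protocol number itself, so the second forward has nothing to distinguish it.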