TCP Wireguard with socat
Matthias Urlichs
matthias at urlichs.de
Tue Mar 13 14:43:48 CET 2018
On 13.03.2018 10:19, Gianluca Gabrielli wrote:
> I'm wondering why we should prepend a length to each datagram. On the datagram's header the payload length is already present, should not be enough to reconstruct the original datagram after the stream has been unwrapped?
Not really, because the datagram's payload length doesn't have to
correspond to the frame length. Think malicious malformed packets, or
networks with a minimum packet length, or protocols other than wireguard
– you shouldn't assume that no other data is transmitted on that link.
Even if all that were true, or if you enfore that on the sending side,
you'd still need a specialized unpacker on the receiving end. Easier to
just use a tool that doesn't have any of these problems.
--
-- Matthias Urlichs
More information about the WireGuard
mailing list