WG was always so much better anyway.
Famous VPN company Mullvald says it will no longer use OpenVPN
Submitted 3 weeks ago by Davriellelouna@lemmy.world to technology@lemmy.world
https://mullvad.net/en/blog/reminder-that-openvpn-is-being-removed
Comments
black_flag@lemmy.dbzer0.com 3 weeks ago
chocrates@piefed.world 3 weeks ago
Well it was written to replace open VPN right? So that makes sense
corsicanguppy@lemmy.ca 3 weeks ago
Don’t let openvpn get a swelled head. Itself it was just a Bender project (“I’m gonna write vtun better; with hookers and beer!”) anyway.
Redjard@lemmy.dbzer0.com 3 weeks ago
Not sure about that. I set up a wg vpn server on a system which then became unresponsive whenever wg was fully saturating the network. Turns out there is apparently no way to throttle or prioritize a wg server, the only way I could think of would be to dedicate a vm to solely the wg vpn and throttle that vm in its networking.
I instead switched to openvpn which can simply be throttled via a line in its configuration.Besides that missing feature, openvpn also doesn’t require figuring out the right iptables commands to verbatim paste into its config as startup and shutdown commands. Setting it up was way easier than wg (though openvpn too wasn’t exactly user-friendly).
WG to me seems too clunky and unfinished for more mainstream usage, though I am sure it wouldn’t be an issue for a large commercial user like mullvad that will have no issue with all that.
Illecors@lemmy.cafe 3 weeks ago
Regarding link saturation - have you tried tc/wondershaper? unix.stackexchange.com/…/how-to-limit-network-ban…
Iptables commands - that was needed at the very launch of wg, I’ve not had to deal with it for some time now.
Personal/commercial use - I’m on a completely opposite side. It’s perfect for personal use, but its lack of dhcp support makes me question its capability in a commercial setting. Many providers offer it, so clearly that’s not an insurmountable task, but I’m still curious how they sort out their backend.
killeronthecorner@lemmy.world 3 weeks ago
Urgh, I don’t really have time to do this migration but guess I’m planning it in anyway.
Past me was a lazy bum. But I’m confident that future me is all over this. Time for a nap.
javiwhite@feddit.uk 3 weeks ago
Damn you sir, you didn’t need to call me out with that last sentence.
No, I know it wasn’t my shoe, but look at how well it fits!
cupcakezealot@piefed.blahaj.zone 3 weeks ago
mullvad and windscribe are the only two i support <3
Sunshine@piefed.social 3 weeks ago
Do you have a stance on IVPN?
dinckelman@lemmy.world 3 weeks ago
I’ve had an active iVPN sub for almost 8 years now. Cannot say anything bad about them whatsoever
JustARaccoon@lemmy.world 3 weeks ago
A bit annoying for all the things that don’t support openvpn, like old Synology NAS devices.
theherk@lemmy.world 3 weeks ago
You can install a wireguard spk from blackvoid - Wireguard SPK for your Synology NAS.
JustARaccoon@lemmy.world 3 weeks ago
Oh that’s interesting, I’ll give it a try, thanks!
Imgonnatrythis@sh.itjust.works 3 weeks ago
Bummer. For whatever reason I always get much better speeds on openvpn servers.
AbidanYre@lemmy.world 3 weeks ago
That’s not something you hear very often.
henfredemars@infosec.pub 3 weeks ago
That’s very strange. WireGuard was specifically created in part because of speed limitations.
Sibyls@lemmy.ml 3 weeks ago
Sounds like an issue with your network or routes. By design, WG is faster.
Imgonnatrythis@sh.itjust.works 3 weeks ago
I’m sure it is, Im just not sure where to start and I get pretty decent speeds on open vpn. I guess now I’m going to have to try to figure it out
Kyle@lemmy.ca 3 weeks ago
Only the opposite has ever happened for me.
Imgonnatrythis@sh.itjust.works 3 weeks ago
Oh I know it’s odd. I think it must be something with my router or windows configuration, but it’s very noticeably different between the two.
Sir_Kevin@lemmy.dbzer0.com 3 weeks ago
Good! That shit needs to be phased out.
drath@lemmy.world 2 weeks ago
This post makes it look like there’s something serious ly wrong with openvpn, but it’s just them not wanting to deal with it and deprecating it.
Oh well, guess Ill put a note not to use them. My country blocks VPN protocols and wg specifically, so for my usecase I need as many protocols supported as possible, preferrably mimicking other innocuous protocols.
stsquad@lemmy.ml 3 weeks ago
Because OpenVPN is fiddly to set up and modern Wireguard setups seem to scale well enough.
Magister@lemmy.world 3 weeks ago
I remember maybe 12-15 years ago, setting OpenVPN on my TomatoUSB flashed router, invoking all kind of openssl command to generate certificates, keys, signing stuff, setting the router, setting the TAP/TUN clients etc. but once setup it works for years on my laptop, phone, etc.
Now with WG I basically scan on my phone a QR code generated on my Merlin router and that’s it.
WhyJiffie@sh.itjust.works 3 weeks ago
merlin has built-in wireguard support??
interdimensionalmeme@lemmy.ml 3 weeks ago
Try openwrt, ddwrt is cancer.
_cryptagion@lemmy.dbzer0.com 3 weeks ago
I’m using Bazzite Linux with KDE, and for me Wireguard setup is copy/pasting several bits of information on multiple screens. OpenVPN is just downloading a single config file and inputting my user/pass.
Also, Wireguard disconnects so often, no matter which distro I’m on, that it’s a pain in the butt having to reconnect a few times an hour.
ugo@feddit.it 3 weeks ago
pressanykeynow@lemmy.world 2 weeks ago
Wireguard is udp, it never “connects”, there’s no session.