Wire Guard and FreeBSD

Doug Denault doug at safeport.com
Tue Mar 30 17:42:12 UTC 2021

On Mon, 29 Mar 2021, Christos Chatzaras wrote:

>> On 29 Mar 2021, at 23:34, Jerry <jerry at seibercom.net> wrote:
>> I just found this story regarding Wire Guard and FreeBSD. I thought it was
>> rather interesting.
> There are some discussions in the forum:

I did not interpret the arsTechnica article the way the first poster in the 
forum did. My take, Netgate sponsored a guy named Matthew Macy to write the 
FreeBSD kernel code to implement WireGuard. This he did apparently starting 
from scratch and (my interpretation) ignored suggestions and/or the offer 
of help from Jason Donenfeld who is clearly (if not original author of) the 
main contributor to WireGuard. That Macy's code was horribly flawed is 
not in dispute and that was not what I took from the article. The issue for 
us as FreeBSD users is that because of size, complexity, and Marcy's 
credentials, the code got little or no review almost making it into the 
13.0-RELEASE. It didn't so cool. That it got as close as the article 
states, not so cool. Anyone interested should read the arsTechnica article, 

That was not what I really wanted to ask and did not know how. WireGuard 
would seem to be a really easy to use and high performance VPN. It has been 
a port for some time apparently. My questions: (1) does adding it to the 
kernel make it that much better? (2) was it going into the generic kernel? 
(3) and lastly other that looking a the kernel source is there a way of 
telling what's in the generic kernel?

Douglas Denault
doug at safeport.com
Voice: 301-217-9220
   Fax: 301-217-9277

More information about the freebsd-questions mailing list