Building Scalable Mesh VPNs with WireGuard
the challenges and rewards of Linux's newest peer-to-peer VPN
Jim Salter (@jrssnet) is an author, public speaker, mercenary sysadmin, and father of three—not necessarily in that order. He writes for Ars Technica, co-hosts the TechSNAP podcast with Wes Payne, created and manages the popular Sanoid snapshot and replication management system for OpenZFS, and generally annoys and delights people all over the world.
WireGuard, a kernel-mode peer-to-peer encrypted tunnel provider, is the new hotness in the VPN world. In late 2018, I migrated my 50+ site self-hosted mesh VPN from OpenVPN to WireGuard. In this talk, we'll discuss the challenges and rewards of using WireGuard to provide moderate-to-large scale VPN infrastructure, and I'll share my experiences with it in production.
I've previously covered WireGuard for Ars Technica, the Ask Noah Show, and TechSNAP.
- 45 min
- LinuxFest Northwest 2019
- Jupiter Broadcasting