Talk:Wireguard

From Gentoo Wiki

Definitions

Talk status
This discussion is done.

Can anyone point me to the technical description of site-to-point and site-to-site connections? I have never heard of site-to-point connections or site-to-site connections. Point-to-point is a networking term, point-to-multipoint is a networking term too. Hub and spoke is a networking term. But what is a site-to-site connection? Both terms I am referring to are used in the first sentences of this article. Thanks. Needle (talk) 12:02, 30 December 2020 (UTC)

Hi Needle, I'm no VPN or network expert, but does this help? --Maffblaster (talk) 18:08, 31 December 2020 (UTC)
I believe that a "site-to-point" connection is what is also called a "client-to-site" connection, i.e. a connection in which one VPN endpoint, the "client", is a single device (e.g. a laptop computer) and the other one is a gateway to a network of devices, giving the "client" secure access to the entire network. A "site-to-site" connection is a connection in which both VPN endpoints are gateways to networks, enabling secure communications between any pair of devices from those "sites". — GuillermoDH (talk) 21:03, 2 January 2021 (UTC)
Thanks. All this VPN jargon is kind of buzzword bingo for me, and most probably for future readers too. I am not sure it makes sense mentioning these 3 terms right at the beginning of the article. The reason is, these 3 connection types mentioned are possible with all kinds of IPSec software. It is not exclusive to wireguard, actually even using openvpn, openconnect and vpnc. From my point of view these 3 connection types should be further explained in the article, and how to implement them. For example, as seen from the IP level, a "site-to-site" connection implementation is the same as "point-to-point"; it only differs by the amount of IP routes on both sides, and the routing protocol used, static routing or a dynamic routing protocol. "Site-to-point connection" might maybe be a term from the security area. I have been asking around on freenode in the known networking channels if "site-to-point" is actually a term that means something technical, and we all came to the same conclusion: this is a marketing buzzword. I have swapped these 3 terms with "secure connections". Mentioning "full tunnel" or "split tunnel" connection would make more sense, not only here but also on other wiki articles. I might be biased, and have very limited knowledge about the security networking. I suggest removing these 3 connection types if they are not explicitly described in the article. Instead I would write "secure connections", because then the article is more understandable for users and does not add any buzzwords that are not explained. I am not against mentioning these terms; I am more against using "difficult to explain" terms that are then not explained. If someone would explain them and how to implement them, I am for it. But as long as it is not found anywhere, I am a friend of simplicity. From my point of view, less is more. Needle (talk) 18:59, 3 January 2021 (UTC)