search

aleskxyz / reality-ezpz

Install sing-box/xray and configure vless / tuic / hysteria2 / shadowtls for reality or tls (letsencrypt) over different transport protocols (tcp, http, grpc and websocket) with user management capability in CLI, TUI and Telegram bot by a single command in docker compose!
Apache License 2.0
1.18k stars 184 forks source link

Using wireguard in kernel #123

Open radiumatic opened 10 months ago

radiumatic commented 10 months ago

The wireguard module in kernel (or even a cpp implementation) has far better performance than singbox's embedded one. I think it might be possible to create a virtual interface for wireguard and config the "bypass" or "freedom" output to go through it.

aleskxyz commented 10 months ago

Regarding the discussion at https://github.com/aleskxyz/reality-ezpz/issues/122:

Using the wg module in the kernel introduces many non-portable changes to the machine. Also, there needs to be a mechanism to ensure that the tunnel is always up and to manage changes in its configuration.

If there is a portable, Docker-compatible solution for it, we can implement it. Do you have any benchmarks regarding the performance of "CF Warp" with the wg module and single-box?

radiumatic commented 10 months ago

Actually there's a dockerized version of Wireguard, would you please take a look at it? And since it's relevant, being able to use custom a Wireguard configuration would be great. As for the benchmark, I'm afraid I don't have one, but it's considered "general knowledge" in singbox/xray community that the implemented Wireguard module doesn't perform as well as a kernel module or a "lower-level" client.