Open Phoenix-999 opened 4 months ago
@Phoenix-999 Thanks for your informative suggestions. I would like to know what is the benefit of the WireGuard Outbound suggestion? Is not it better to use Wireguard outbound as the primary outbound? And what is the reason of difference between DomainStrategy of peer and outbound?
Hi @MJamshidnejad
Of course, these are only suggestions, and both approaches should be considered ideal for use.
In summary, the benefits of WireGuard Outbound Configuration lie in its flexibility, enabling the use of different protocols for specific types of traffic. WireGuard is chosen for its efficiency and security features, while WARP IPv4 and IPv6 are employed for specific domain strategies.
The decision to use WireGuard Outbound as the primary outbound depends on factors such as speed, simplicity, and security, aligning with the specific requirements and goals of the network.
Regarding the difference in Domain Strategy, WARP IPv4 and IPv6 are utilized to direct traffic to specific IP versions. In contrast, WireGuard uses "ForceIP," ensuring that traffic is forced to use IPv4. This distinction may be based on optimization needs for specific applications or services in the network.
I hope the above makes sense, and I am eager to see more knowledgeable individuals on this platform contribute to creating a robust way for using this amazing feature.
PS : I'm still a newbie and learning my way around all this. 😊
Hi @MJamshidnejad
Of course, these are only suggestions, and both approaches should be considered ideal for use.
In summary, the benefits of WireGuard Outbound Configuration lie in its flexibility, enabling the use of different protocols for specific types of traffic. WireGuard is chosen for its efficiency and security features, while WARP IPv4 and IPv6 are employed for specific domain strategies.
The decision to use WireGuard Outbound as the primary outbound depends on factors such as speed, simplicity, and security, aligning with the specific requirements and goals of the network.
Regarding the difference in Domain Strategy, WARP IPv4 and IPv6 are utilized to direct traffic to specific IP versions. In contrast, WireGuard uses "ForceIP," ensuring that traffic is forced to use IPv4. This distinction may be based on optimization needs for specific applications or services in the network.
I hope the above makes sense, and I am eager to see more knowledgeable individuals on this platform contribute to creating a robust way for using this amazing feature.
PS : I'm still a newbie and learning my way around all this. 😊
As far as I know, most the cases you mentioned is related to the core not the panel. However, they are interesting. it would be better if you learn Go and work on your ideas. Your suggestion for Warp took my attention because I tried to use WG as the first and primary outbound but It seems the implementation is not CPU-friend and it cannot handle traffic flow (just) when it is used as primary outbound. I thought that fixes this problem.
Here are some suggestions to improve WARP in the outbounds:
In the IPV6 section, consider adding a subnet with a prefix length.
Example
/128 for Individual Hosts:
Advantage: Provides a single, unique address for a specific host/device. Consideration: No room for additional hosts on the same subnet. It's a point-to-point connection. Use Case: Appropriate for scenarios where each IPv6 address corresponds to a specific, dedicated device.
Larger Subnet (e.g., /64):
Advantage: Allows for multiple hosts within the same subnet. Consideration: Subnets smaller than /64 are generally not recommended due to IPv6 design principles. Use Case: Suitable for scenarios where you have multiple devices on the same network segment.
Consider adding "reserved" field in a WireGuard configuration, such as:
Example
Advantages:
Conflict Avoidance: The reserved values help prevent conflicts and unintended use of specific IP addresses that might have special meanings or functions. Future-Proofing: By reserving certain values, the configuration is prepared for potential future changes or additions to the network without disrupting existing assignments.
Here an example of the complete WireGuard Outbound
Here are some suggestions to improve WARP in the inbound: Consider adding a manual input field so that users can add any desired web domain to the WARP section.
Below might help to enhance and make WARP more practical.
Output information
For more management interface descriptions, please refer to official-warp-api.txt. official-warp-api.txt
Ps: I understand that the phrase 'Thank you' might be a rare sentiment and an uncommon commodity in your department, but we want you to know that we all genuinely appreciate your efforts. Even those who use the free internet every day without knowing the risks you take for our safety and security to ensure we can connect to the free internet. Thank you for shouldering these burdens with strength and dedication.
"When injustice becomes law, resistance becomes duty."