database64128
commented
1 year ago swgp-go is a packet proxy. It's based on the client-server model, rather than the initiator-responder model used by the Noise protocol. The packets between a swgp-go client and server are obfuscated or encrypted, to varying degrees, depending on your chosen mode.
In the context of censorship circumvention, the user behind the censor is usually the only initiator. Therefore the most common way of deployment is to run a "client" on the user side and a "server" on the remote side. The current design of swgp-go is not suitable for situations where both peers need to be able to actively initiate new sessions after long periods of inactivity.
vnxme
Hello,
The current page is confusing, firstly because with WG there were never a server and a client, but only peers (nodes);
As such it is unclear which side needs to run swgp-go server and which a client; or do both communicating peers need to run both a server and a client? The latter appears to be the case, because the "server" part talks only about decryption, and the client part is about encryption. Or if not, does this mean that only the traffic flowing from client to server is encrypted, what about the return traffic?
Can there be multiple "servers" and multiple "clients" clauses in the config file, and how they would be matched to each other (or should they be)?
Thanks