erebe / wstunnel

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

Thanks for this project and a suggestion along with a question. #223

Closed USBhost closed 3 months ago

USBhost commented 3 months ago

Hello erebe! I have to send a post of thanks for this program. I got it working almost seamlessly on a GL-MT3000 (travel router) running stock OpenWRT. Since this router has 256MB of storage, I can run that 50MB static aarch64 image you have on release. Also, since this is a router, you can easily route IPs through interfaces using policy-based routing. I have wstunnel start on bootup, and after that all I have to do is restart my WireGuard interface and all is well.

This little CPU can only do 40-60Mbps vs 300Mbps on just WireGuard, but that's to be expected.

Also, at first I thought this tunnel suffered from those TCP-over-TCP issues, but I found your Reddit post explaining it does not work that way. Could you add this to the description so people do not pass this project over for that? If not, I'll throw a PR whenever I have the time.

erebe commented 3 months ago

Thank you for the kind words :sweat_smile: You should try the new release, the binaries should be smaller, I strip the debug symbols as wstunnel is more stable now. https://github.com/erebe/wstunnel/releases/tag/v9.2.2

Feel free to open a PR to add it in the README, I was afraid to put an explanation that would confuse people. But yeah, wstunnel is more akin to a proxy than a real tunnel with encapsulation of packets.

USBhost commented 3 months ago

Thanks for removing the debug symbols because I thought the file was really 50MB lol... now it's like 6MB, so much better. Also, I have been wondering what TLS version you are using?

Also, random question: are you using hardware acceleration for the encrypt/decrypt?

erebe commented 3 months ago

For TLS, it uses either 1.2 or 1.3, preferably 1.3 if both client and server allow it.

For hardware acceleration for the encrypt/decrypt, I doubt it, because the builds are for a generic CPU target, which does not include them. But honestly, I don't know.

If you want that, you may want to make your own build with -cpu=native

USBhost commented 3 months ago

IIRC hardware acceleration is not dependent on compile flags. It's supposed to try and use an API or something to interface with the hardware. But anyway, I decided to run some benchmarks comparing ws vs wss. It turns out ws is 2x faster than wss (I was always CPU-bound on the client side). Sure, this does not really mean much if you're on x86, but when it's running on small systems you begin to notice.

Also, thanks for the TLS information.