1 |
On 9/5/18 8:44 AM, Bill Kenworthy wrote: |
2 |
> On 05/09/18 20:15, james wrote: |
3 |
>> So, I need to be able setup and tear down a 4-component network. |
4 |
>> Sometimes all (4) systems will be in the same location, probably about |
5 |
>> 50% of the time. |
6 |
>> |
7 |
>> My (3) personal systems are: |
8 |
>> (1) gentoo laptop (Open RC if that matters) |
9 |
>> (1) window-7 laptop |
10 |
>> (1) Android Cell (galaxy note 9) |
11 |
>> |
12 |
>> These (3) are with me most about 70% of the time, but |
13 |
>> often they will be in different locations hundreds of miles apart. |
14 |
>> |
15 |
>> |
16 |
>> (1) The corporate windows workstation/server. (always stationary). |
17 |
>> (4) Total, often just the the (3) systems on this transient net. |
18 |
>> |
19 |
>> |
20 |
>> So, my research suggest that WireGuard might be best because most of |
21 |
>> what I'm moving around is a wide variety of image types, as well as |
22 |
>> video and 3D/4D files and binaries for odd-ball embedded devices, of a |
23 |
>> wide variety. Eventually the file movement will be mostly automated |
24 |
>> (scripted). WireGuard purports to have the most bandwidth capabilities |
25 |
>> and some of these file_sets will be in the gigabyte range often. |
26 |
>> |
27 |
>> |
28 |
>> I've found lots to read and noodle with, but I'm curious what (gentoo) |
29 |
>> folks would suggest. For starters it cannot use an outsourced VPN; |
30 |
>> that's dictated by others. So a "home-spun VPN" is warranted. |
31 |
>> |
32 |
>> |
33 |
>> From others :: |
34 |
>> "But WireGuard being awesome is old news. The new news is that now |
35 |
>> there�s an easy way to integrate it into Android ROMs and kernels. " |
36 |
>> |
37 |
>> |
38 |
>> |
39 |
>> https://opensource.com/article/18/8/open-source-tools-vpn |
40 |
>> |
41 |
>> https://www.wireguard.com/install/ |
42 |
>> |
43 |
>> https://github.com/max-moser/network-manager-wireguard |
44 |
>> |
45 |
>> https://forum.xda-developers.com/android/development/wireguard-rom-integration-t3711635 |
46 |
>> |
47 |
>> |
48 |
>> Those are a few links I found, but I really want a gentoo centric |
49 |
>> method. Others suggests, for custom ROMs, to anything to secure the |
50 |
>> Android phone and get rid of the "crap apps" would be most welcome. If I |
51 |
>> cannot get rid of them I'd like a systematic way to bury those pesky |
52 |
>> Android apps that pedestrian use, down the tree somewhere. I guess what |
53 |
>> I'm trying to say is once I get the (4) devices working, I'll be testing |
54 |
>> a variety of way to setup Android or embedded gentoo on that Android |
55 |
>> Galaxy-9 so I control the stack, it can deeply sniffed, either on the |
56 |
>> internal device or on external ports, via Deep Packet Inspection codes |
57 |
>> on the ports via other microprocessors running embedded gentoo. |
58 |
>> |
59 |
>> Use Gentoo prefix? |
60 |
>> |
61 |
>> An android experimental stack? |
62 |
>> |
63 |
>> I have a second cell phone so I can do whatever I need to with the |
64 |
>> Android Galaxy Note 9. Jtag or other low level hardware programmers are |
65 |
>> of keen interest; mandatory. Perhaps Samsung or another vendor sells the |
66 |
>> hardware programming equipment? 5G bandwidth is definitely front and |
67 |
>> center, when and where it's available, but ignored for now or until |
68 |
>> those phones are available. |
69 |
>> |
70 |
>> |
71 |
>> Discussion, ideas and suggestions are most welcome. |
72 |
>> |
73 |
>> |
74 |
>> curiously, |
75 |
>> James |
76 |
>> |
77 |
> Have not used wireguard. |
78 |
> |
79 |
> all running over port 443 |
80 |
> |
81 |
> openvpn for linux/android |
82 |
> |
83 |
> proxytunnel on windows to stunnel on a linux server for the corporate |
84 |
> network. |
85 |
> |
86 |
> Use the sslh multiplexor to control and switch incoming ssl. |
87 |
> |
88 |
> Unfortunately I have some difficult networks to get out of.� Performance |
89 |
> is ok for gentoo distfile download from my repo, but I have not tried |
90 |
> super large files. |
91 |
> |
92 |
> |
93 |
> BillK |
94 |
|
95 |
Thanks BillK. I'll test this and post-back. I'm going to test a variety |
96 |
of suggestions, with deference to a gentoo-centric solution. |
97 |
|
98 |
James |