| 1 |
On 05/09/18 20:15, james wrote: |
| 2 |
> So, I need to be able setup and tear down a 4-component network. |
| 3 |
> Sometimes all (4) systems will be in the same location, probably about |
| 4 |
> 50% of the time. |
| 5 |
> |
| 6 |
> My (3) personal systems are: |
| 7 |
> (1) gentoo laptop (Open RC if that matters) |
| 8 |
> (1) window-7 laptop |
| 9 |
> (1) Android Cell (galaxy note 9) |
| 10 |
> |
| 11 |
> These (3) are with me most about 70% of the time, but |
| 12 |
> often they will be in different locations hundreds of miles apart. |
| 13 |
> |
| 14 |
> |
| 15 |
> (1) The corporate windows workstation/server. (always stationary). |
| 16 |
> (4) Total, often just the the (3) systems on this transient net. |
| 17 |
> |
| 18 |
> |
| 19 |
> So, my research suggest that WireGuard might be best because most of |
| 20 |
> what I'm moving around is a wide variety of image types, as well as |
| 21 |
> video and 3D/4D files and binaries for odd-ball embedded devices, of a |
| 22 |
> wide variety. Eventually the file movement will be mostly automated |
| 23 |
> (scripted). WireGuard purports to have the most bandwidth capabilities |
| 24 |
> and some of these file_sets will be in the gigabyte range often. |
| 25 |
> |
| 26 |
> |
| 27 |
> I've found lots to read and noodle with, but I'm curious what (gentoo) |
| 28 |
> folks would suggest. For starters it cannot use an outsourced VPN; |
| 29 |
> that's dictated by others. So a "home-spun VPN" is warranted. |
| 30 |
> |
| 31 |
> |
| 32 |
> From others :: |
| 33 |
> "But WireGuard being awesome is old news. The new news is that now |
| 34 |
> there�s an easy way to integrate it into Android ROMs and kernels. " |
| 35 |
> |
| 36 |
> |
| 37 |
> |
| 38 |
> https://opensource.com/article/18/8/open-source-tools-vpn |
| 39 |
> |
| 40 |
> https://www.wireguard.com/install/ |
| 41 |
> |
| 42 |
> https://github.com/max-moser/network-manager-wireguard |
| 43 |
> |
| 44 |
> https://forum.xda-developers.com/android/development/wireguard-rom-integration-t3711635 |
| 45 |
> |
| 46 |
> |
| 47 |
> Those are a few links I found, but I really want a gentoo centric |
| 48 |
> method. Others suggests, for custom ROMs, to anything to secure the |
| 49 |
> Android phone and get rid of the "crap apps" would be most welcome. If I |
| 50 |
> cannot get rid of them I'd like a systematic way to bury those pesky |
| 51 |
> Android apps that pedestrian use, down the tree somewhere. I guess what |
| 52 |
> I'm trying to say is once I get the (4) devices working, I'll be testing |
| 53 |
> a variety of way to setup Android or embedded gentoo on that Android |
| 54 |
> Galaxy-9 so I control the stack, it can deeply sniffed, either on the |
| 55 |
> internal device or on external ports, via Deep Packet Inspection codes |
| 56 |
> on the ports via other microprocessors running embedded gentoo. |
| 57 |
> |
| 58 |
> Use Gentoo prefix? |
| 59 |
> |
| 60 |
> An android experimental stack? |
| 61 |
> |
| 62 |
> I have a second cell phone so I can do whatever I need to with the |
| 63 |
> Android Galaxy Note 9. Jtag or other low level hardware programmers are |
| 64 |
> of keen interest; mandatory. Perhaps Samsung or another vendor sells the |
| 65 |
> hardware programming equipment? 5G bandwidth is definitely front and |
| 66 |
> center, when and where it's available, but ignored for now or until |
| 67 |
> those phones are available. |
| 68 |
> |
| 69 |
> |
| 70 |
> Discussion, ideas and suggestions are most welcome. |
| 71 |
> |
| 72 |
> |
| 73 |
> curiously, |
| 74 |
> James |
| 75 |
> |
| 76 |
Have not used wireguard. |
| 77 |
|
| 78 |
all running over port 443 |
| 79 |
|
| 80 |
openvpn for linux/android |
| 81 |
|
| 82 |
proxytunnel on windows to stunnel on a linux server for the corporate |
| 83 |
network. |
| 84 |
|
| 85 |
Use the sslh multiplexor to control and switch incoming ssl. |
| 86 |
|
| 87 |
Unfortunately I have some difficult networks to get out of. Performance |
| 88 |
is ok for gentoo distfile download from my repo, but I have not tried |
| 89 |
super large files. |
| 90 |
|
| 91 |
|
| 92 |
BillK |
Archives