Firewalla Blue and Wireguard

Comments

  • mozarella

    Good thinking. WireGuard should be more efficient and should use fewer resources than OpenVPN, shouldn't it? I'm using a GL.inet Mango router as a WireGuard server in my home network and it runs quite smoothly. The small Mango router is also USB-powered like Firewalla and really a tiny box.

    The German brand AVM's Fritzbox will use WireGuard as server and client in a future release, just in beta state. Maybe the Fritzbox has a bit more CPU and RAM power than Firewalla Blue, but it is also hosting a web server (for configuration), FTP server and Samba server, could act as a phone system, and has 5 GBit ports (one is for WAN, but could be converted for LAN usage). A small router with a bit more CPU and RAM power, but lots of services running + WireGuard in the future.

    So I think WireGuard should also be possible on Firewalla Blue, shouldn't it?

  • Firewalla

    WireGuard itself is efficient, but it does take a lot more to monitor everything going in/out from it. That means you can see all the flows going in/out of any WireGuard instance, and apply policies to each of the instances ...

  • Rich T.

    So are you saying Blue would not be capable of running it, even though it runs OpenVPN at the same speed as Blue Plus? Or is this a business decision to push people to new hardware?

  • Firewalla

    OpenVPN does NOT collect flow data. So if you want WireGuard, it needs to be on a faster platform.

  • Rich T.

    So Blue is not capable of running WireGuard and collecting flow data because of the CPU difference from Blue to Blue Plus?

  • mozarella

    Is the monitoring a problem of WireGuard or Firewalla?

    My Mango router also has low CPU and RAM, but can still handle WireGuard traffic besides other services.

    Maybe it is possible to limit the monitoring?

  • Firewalla

    The monitoring cost is on the "Firewalla" side; it takes a lot of system resources (more memory, and a bit more CPU) to record and manipulate the flows. We are unlikely to make another version without the logs.

    @Rich, the Blue Plus is 20% faster and also has 1GB more memory. So it has the capability to run both OpenVPN + WireGuard with logging together.
