At the core of many network firmware operating systems is often Linux, which serves as a foundational component.
On March 29, Linux creator Linus Torvalds released the Linux 5.6 kernel, which offers a long list of new features. Of particular note for networking professionals is the inclusion of WireGuard Virtual Private Network (VPN) open source technology. Work to include WireGuard directly into Linux has been ongoing since March 2019, though WireGuard development itself has been ongoing since 2015.
At its core, WireGuard is a secure network tunnel written especially for Linux, and optimized for performance and ease of configuration.
“It has been designed with the primary goal of being both easy to audit by virtue of being small and highly secure from a cryptography and systems security perspective,” WireGuard creator Jason Donenfeld wrote in a Linux Kernel Mailing List (LKML) commit message.
Even before WireGuard was directly integrated into Linux, it had been available in what is known as an out-of-tree module, as wall as user space tools. By being directly integrated into Linux, WireGuard is now even more accessible to a wider user community. In contrast with other options for VPN, WireGuard provides a very small attack surface for any potential attacker.
“WireGuard uses state-of-the-art cryptography, like the Noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, HKDF, and secure trusted constructions,” the WireGuard documentation states. “It makes conservative and reasonable choices and has been reviewed by cryptographers. “
MPTCP Protocol Support
Linux 5.6 also introduces native Linux kernel support for the Intel-led Multipath TCP (MPTCP) protocol.
The Internet Engineering Task Force (IETF) specifications for MPTCP note that TCP/IP communication is currently restricted to a single path per connection, yet multiple paths often exist between peers.
The simultaneous use of these multiple paths for a TCP/IP session would improve resource usage within the network and, thus, improve user experience through higher throughput and improved resilience to network failure,” the IETF states. “Multipath TCP provides the ability to simultaneously use multiple paths between peers.”
Coronavirus and Linux Kernel Development
The Linux 5.6 release comes as the COVID-19 pandemic rages around the globe. While the pandemic is having widespread impact on humanity, it’s not slowing down the pace of Linux Kernel development.
“While I haven’t really seen any real sign of kernel development being impacted by all the coronavirus activity – I suspect a lot of us work from home even normally,” Torvalds wrote in the Linux 5.6 release announcement. “I’m currently going by the assumption that we’ll have a fairly normal 5.7 release, and there doesn’t seem to be any signs saying otherwise, but hey, people may have better-than-usual reasons for missing the merge window.”
Sean Michael Kerner is a senior editor at EnterpriseNetworkingPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.
