Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Nebula does use WireGuard, as per their go.mod file.

EDIT: actually, they just use various I/O abstractions that WireGuard developed.



Looking at that file may make you reach misleading conclusions. Some tun/io code may be use but there's that. As far as I understand WireGuard the protocol is not used anywhere:

  nebula (master)> git rev-parse HEAD
  2b427a7e8934f0a436fea25eb40a6b979b34ee7a
  
  nebula (master)> rg --glob '*.go' -i wireguard
  wintun/tun.go
  6: * Copyright (C) 2018-2021 WireGuard LLC. All Rights Reserved.
  9://NOTE: This file was forked from https://git.zx2c4.com/wireguard-go/tree/tun/tun_windows.go?id=851efb1bb65555e0f765a3361c8eb5ac47435b19

  udp/udp_rio_windows.go
  4:// Inspired by https://git.zx2c4.com/wireguard-go/tree/conn/bind_windows.go
  25: "golang.zx2c4.com/wireguard/conn/winrio"

  overlay/tun_wintun_windows.go
  17: "golang.zx2c4.com/wireguard/windows/tunnel/winipcfg"

  wintun/device.go
  6: * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  9://NOTE: this file was forked from https://git.zx2c4.com/wireguard-go/tree/tun/tun.go?id=851efb1bb65555e0f765a3361c8eb5ac47435b19


I stand corrected then.


It is likely an option, but as per the ReadMe:

Nebula uses Elliptic-curve Diffie-Hellman (ECDH) key exchange and AES-256-GCM in its default configuration.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: