mention wireguard persistent keepalive setting and some word tweaks - www.codemadness.org - www.codemadness.org saait content files
HTML git clone git://git.codemadness.org/www.codemadness.org
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit f5efe4ebb45b8f43ea1afbd8f93034d21edd0110
DIR parent 1f37a448488508c336ede2310dff3aa37a83a016
HTML Author: Hiltjo Posthuma <hiltjo@codemadness.org>
Date: Sun, 29 Mar 2026 15:40:49 +0200
mention wireguard persistent keepalive setting and some word tweaks
Diffstat:
M config.cfg | 2 +-
M output/atom.xml | 4 ++--
M output/atom_content.xml | 23 +++++++++++++++--------
M output/atom_content_gopher.xml | 23 +++++++++++++++--------
M output/atom_gopher.xml | 4 ++--
M output/jsonfeed_content.json | 2 +-
M output/jsonfeed_content_gopher.json | 2 +-
M output/phlog/wireguard | 24 ++++++++++++++++++------
M output/rss_content.xml | 19 +++++++++++++------
M output/rss_content_gopher.xml | 19 +++++++++++++------
M output/sfeed_content.tsv | 2 +-
M output/sfeed_content_gopher.tsv | 2 +-
M output/sitemap.xml | 2 +-
M output/wireguard.html | 19 +++++++++++++------
M output/wireguard.md | 22 +++++++++++++++++-----
M pages/wireguard.cfg | 2 +-
M pages/wireguard.md | 22 +++++++++++++++++-----
17 files changed, 132 insertions(+), 61 deletions(-)
---
DIR diff --git a/config.cfg b/config.cfg
@@ -1,5 +1,5 @@
# last updated the site.
-siteupdated = 2026-03-28
+siteupdated = 2026-03-29
sitetitle = Codemadness
siteurl = https://www.codemadness.org
DIR diff --git a/output/atom.xml b/output/atom.xml
@@ -2,7 +2,7 @@
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
<title>Codemadness</title>
<subtitle>blog with various projects and articles about computer-related things</subtitle>
- <updated>2026-03-28T00:00:00Z</updated>
+ <updated>2026-03-29T00:00:00Z</updated>
<link rel="alternate" type="text/html" href="https://www.codemadness.org" />
<id>https://www.codemadness.org/atom.xml</id>
<link rel="self" type="application/atom+xml" href="https://www.codemadness.org/atom.xml" />
@@ -10,7 +10,7 @@
<title>Wireguard on OpenBSD for use as a mobile VPN</title>
<link rel="alternate" type="text/html" href="https://www.codemadness.org/wireguard.html" />
<id>https://www.codemadness.org/wireguard.html</id>
- <updated>2026-03-28T00:00:00Z</updated>
+ <updated>2026-03-29T00:00:00Z</updated>
<published>2026-03-27T00:00:00Z</published>
<author>
<name>Hiltjo</name>
DIR diff --git a/output/atom_content.xml b/output/atom_content.xml
@@ -2,7 +2,7 @@
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
<title>Codemadness</title>
<subtitle>blog with various projects and articles about computer-related things</subtitle>
- <updated>2026-03-28T00:00:00Z</updated>
+ <updated>2026-03-29T00:00:00Z</updated>
<link rel="alternate" type="text/html" href="https://www.codemadness.org" />
<id>https://www.codemadness.org/atom_content.xml</id>
<link rel="self" type="application/atom+xml" href="https://www.codemadness.org/atom_content.xml" />
@@ -10,7 +10,7 @@
<title>Wireguard on OpenBSD for use as a mobile VPN</title>
<link rel="alternate" type="text/html" href="https://www.codemadness.org/wireguard.html" />
<id>https://www.codemadness.org/wireguard.html</id>
- <updated>2026-03-28T00:00:00Z</updated>
+ <updated>2026-03-29T00:00:00Z</updated>
<published>2026-03-27T00:00:00Z</published>
<author>
<name>Hiltjo</name>
@@ -18,15 +18,14 @@
</author>
<summary>Guide to setup a Wireguard endpoint on OpenBSD to use as a (mobile) VPN</summary>
<content type="html"><![CDATA[<h1>Wireguard on OpenBSD for use as a mobile VPN</h1>
- <p><strong>Last modification on </strong> <time>2026-03-28</time></p>
+ <p><strong>Last modification on </strong> <time>2026-03-29</time></p>
<p>Wireguard is a fast, modern and secure VPN tunnel.</p>
<p>Below is a guide to setup <a href="https://www.wireguard.com/">Wireguard</a> on the OpenBSD
operating system intended for use as a mobile VPN.</p>
-<p>It describes using the OpenBSD Wireguard wg(4) kernel driver (not the userland
-application) and will focus on setting up a IPv4 tunnel.</p>
-<p>It is recommended to install wireguard-tools. Although not required for using
-the OpenBSD wg(4) kernel driver they contain useful tools to generate a private
-and public key (wg genkey, wg pubkey).</p>
+<p>It describes using the OpenBSD Wireguard wg(4) kernel driver using ifconfig,
+not the userland application, and will focus on setting up a IPv4 tunnel.</p>
+<p>It is however recommended to install wireguard-tools, because it contains
+useful tools to generate a private and public key (wg genkey, wg pubkey).</p>
<p>To install the wireguard-tools package on OpenBSD:</p>
<pre><code># pkg_add wireguard-tools
</code></pre>
@@ -156,6 +155,14 @@ Make sure Wireguard is set and enabled under VPN.</li>
</li>
<li>Set a secure and privacy-respecting DNS server.</li>
</ul>
+<h2>Wireguard persistent keepalive setting</h2>
+<p>If the interface very rarely sends traffic, but it might at anytime receive
+traffic from a peer, and it is behind NAT, the interface might benefit from
+having a persistent keepalive interval of 25 seconds.</p>
+<p>If it is not needed, then it is recommended to not enable it, which is the
+default.</p>
+<p>This option is called PersistentKeepalive in Wireguard conf and is called
+wgpka for OpenBSD ifconfig, see the ifconfig(8) man page WIREGUARD section.</p>
<h2>Debugging tips</h2>
<p>For the Wireguard Android application you can find a textual log:</p>
<ul>
DIR diff --git a/output/atom_content_gopher.xml b/output/atom_content_gopher.xml
@@ -2,7 +2,7 @@
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
<title>Codemadness</title>
<subtitle>blog with various projects and articles about computer-related things</subtitle>
- <updated>2026-03-28T00:00:00Z</updated>
+ <updated>2026-03-29T00:00:00Z</updated>
<link rel="alternate" type="text/gopher" href="gopher://codemadness.org" />
<id>gopher://codemadness.org/0/atom_content_gopher.xml</id>
<link rel="self" type="application/atom+xml" href="gopher://codemadness.org/0/atom_content_gopher.xml" />
@@ -10,7 +10,7 @@
<title>Wireguard on OpenBSD for use as a mobile VPN</title>
<link rel="alternate" type="text/gopher" href="gopher://codemadness.org/1/phlog/wireguard" />
<id>gopher://codemadness.org/1/phlog/wireguard</id>
- <updated>2026-03-28T00:00:00Z</updated>
+ <updated>2026-03-29T00:00:00Z</updated>
<published>2026-03-27T00:00:00Z</published>
<author>
<name>Hiltjo</name>
@@ -18,15 +18,14 @@
</author>
<summary>Guide to setup a Wireguard endpoint on OpenBSD to use as a (mobile) VPN</summary>
<content type="html"><![CDATA[<h1>Wireguard on OpenBSD for use as a mobile VPN</h1>
- <p><strong>Last modification on </strong> <time>2026-03-28</time></p>
+ <p><strong>Last modification on </strong> <time>2026-03-29</time></p>
<p>Wireguard is a fast, modern and secure VPN tunnel.</p>
<p>Below is a guide to setup <a href="https://www.wireguard.com/">Wireguard</a> on the OpenBSD
operating system intended for use as a mobile VPN.</p>
-<p>It describes using the OpenBSD Wireguard wg(4) kernel driver (not the userland
-application) and will focus on setting up a IPv4 tunnel.</p>
-<p>It is recommended to install wireguard-tools. Although not required for using
-the OpenBSD wg(4) kernel driver they contain useful tools to generate a private
-and public key (wg genkey, wg pubkey).</p>
+<p>It describes using the OpenBSD Wireguard wg(4) kernel driver using ifconfig,
+not the userland application, and will focus on setting up a IPv4 tunnel.</p>
+<p>It is however recommended to install wireguard-tools, because it contains
+useful tools to generate a private and public key (wg genkey, wg pubkey).</p>
<p>To install the wireguard-tools package on OpenBSD:</p>
<pre><code># pkg_add wireguard-tools
</code></pre>
@@ -156,6 +155,14 @@ Make sure Wireguard is set and enabled under VPN.</li>
</li>
<li>Set a secure and privacy-respecting DNS server.</li>
</ul>
+<h2>Wireguard persistent keepalive setting</h2>
+<p>If the interface very rarely sends traffic, but it might at anytime receive
+traffic from a peer, and it is behind NAT, the interface might benefit from
+having a persistent keepalive interval of 25 seconds.</p>
+<p>If it is not needed, then it is recommended to not enable it, which is the
+default.</p>
+<p>This option is called PersistentKeepalive in Wireguard conf and is called
+wgpka for OpenBSD ifconfig, see the ifconfig(8) man page WIREGUARD section.</p>
<h2>Debugging tips</h2>
<p>For the Wireguard Android application you can find a textual log:</p>
<ul>
DIR diff --git a/output/atom_gopher.xml b/output/atom_gopher.xml
@@ -2,7 +2,7 @@
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
<title>Codemadness</title>
<subtitle>blog with various projects and articles about computer-related things</subtitle>
- <updated>2026-03-28T00:00:00Z</updated>
+ <updated>2026-03-29T00:00:00Z</updated>
<link rel="alternate" type="text/gopher" href="gopher://codemadness.org" />
<id>gopher://codemadness.org/0/atom_gopher.xml</id>
<link rel="self" type="application/atom+xml" href="gopher://codemadness.org/0/atom_gopher.xml" />
@@ -10,7 +10,7 @@
<title>Wireguard on OpenBSD for use as a mobile VPN</title>
<link rel="alternate" type="text/gopher" href="gopher://codemadness.org/1/phlog/wireguard" />
<id>gopher://codemadness.org/1/phlog/wireguard</id>
- <updated>2026-03-28T00:00:00Z</updated>
+ <updated>2026-03-29T00:00:00Z</updated>
<published>2026-03-27T00:00:00Z</published>
<author>
<name>Hiltjo</name>
DIR diff --git a/output/jsonfeed_content.json b/output/jsonfeed_content.json
@@ -8,7 +8,7 @@
"title": "Wireguard on OpenBSD for use as a mobile VPN",
"url": "https://www.codemadness.org/wireguard.html",
"authors": [{"name": "Hiltjo"}],
codemadness.org:70 /git/www.codemadness.org/commit/f5efe4ebb45b8f43ea1afbd8f93034d21edd0110.gph:198: line too long