Networking Intermediate

What is WireGuard?

A modern, lightweight VPN protocol that uses state-of-the-art cryptography and minimal code for fast, secure tunneling.

WireGuard is a VPN protocol designed for simplicity and performance. With approximately 4,000 lines of code (compared to OpenVPN's 100,000+), it has a smaller attack surface and is easier to audit. It uses Curve25519 for key exchange, ChaCha20 for encryption, Poly1305 for authentication, and BLAKE2s for hashing. WireGuard operates at the kernel level (built into Linux since 5.6) for high performance, achieving better throughput than IPsec and OpenVPN. Configuration is remarkably simple — each peer has a public/private key pair and a list of allowed IPs. It supports roaming (seamless IP changes) and establishes connections in milliseconds.

Learn More About This Topic

Linux Networking Fundamentals

Related reading

Linux IPv6: The Complete Guide

Related reading

Linux IPv4: The Complete Guide

Related reading

Related Terms

The seven-layer Open Systems Interconnection model that standardizes network communication functions from physical transmission to application protocols.

The latest version of the Internet Protocol with 128-bit addresses, designed to replace IPv4 and solve address exhaustion.

A logical division of an IP network into smaller segments to improve performance, security, and management.

A device or software that connects two or more network segments at the data link layer, forwarding traffic based on MAC addresses.

The time delay between sending a request and receiving a response, measured in milliseconds.

ICMP (Internet Control Message Protocol)

A network protocol used for diagnostic and error reporting, including ping and traceroute functionality.

View All Networking Terms →