Understanding the philosophy behind PacketCord tunneling vs WireGuard

CORD-FLOW
1

Hello,

I’ve been reading through the UDP tunnel examples and trying to better understand the overall philosophy behind the PacketCord tunneling approach.

Am I correct in thinking that the goal is not necessarily to compete with or replace WireGuard in terms of raw VPN performance, but rather to provide a more programmable userspace packet-processing model with NFV/SDN-style flexibility?

What I find interesting is that PacketCord seems to expose the packet flow itself to the developer, instead of hiding everything behind a traditional kernel tunnel interface. So it feels more like a programmable networking framework than just a VPN/tunneling solution.

I’m still learning and trying to connect the concepts correctly, so I’d appreciate any clarification from the developers or more experienced users.

Thanks.

2

Hi @dio_tsonev,

First of all, welcome to the forum! :slight_smile:

Now, on your question - in contrast to the complete VPN solutions or products (like WireGuard, OpenVPN, Openswan, etc), PacketCord is providing a Software Development Kit dedicated to network programming - so that developers can build any network functionality. An example for such functionality could be switching, routing, firewalling or, of course, packet tunneling.

Seems like you have reviewed the documentation and/or the GitHub repo. You should have noticed that there are example apps for:

  1. Tunnel - where the idea is to demonstrate how to send a network packet over a UDP socket.
  2. Pseudo Tunnel - where the idea is to demonstrate manual packet crafting of UDP-in-UDP packet (such idea could even work on systems without an IP/stack, just raw Ethernet transceiver).

An important point here that deserves attention is that tunneling has nothing to do with encryption. Normally, the complete VPN solutions always come with both (including key exchange). And here comes the third component:

  1. Cord AES cipher - there is an example for an AES cipher that could be used to encrypt anything, including your tunneled traffic, for example.

The aim of the examples is not to provide a solution (for production use), but to serve as a skeleton and give an idea about what could be possible to develop using the PacketCord SDK.

Does this explain the difference and the overall philosophy?

  • Varban
1 Like