Not This Release Of FreeBSD Nor pfSense, But The Next
Even after a herculean amount of effort by Wireguard’s founder, Jason Donenfeld and developers Kyle Evans and Matt Dunwoodie, WireGuard will not be included in the upcoming release of FreeBSD 13.0. This will also mean that Netgate’s announcement of the inclusion of WireGuard in the next release of pfSense was premature, as that router OS is based off of FreeBSD. All three developers did their best to polish the existing code and bring it up to their high standards but unfortunately there was simply not enough time.
If you haven’t run into WireGuard before, it is an open source VPN similar to OpenVPN or closed source ones, with a bit of a difference. The developers of WireGuard take their coding very seriously, while OpenVPN consists of 400,000 lines of code added to the kernel, WireGuard is a mere 4000. This makes it significantly faster and more robust than OpenVPN or other VPN programs, but is also why the release is delayed. Until the crew can reduce the current footprint of WireGuard they are not comfortable adding it.
If you are curious about the intricacies of how open source teams work together (or not) to develop and merge new programs and features into an OS you can pop over to Ars Technica for a look. You can also follow the links to learn more about both VPN solutions.
This morning, WireGuard founding developer Jason Donenfeld announced a working, in-kernel implementation of his WireGuard VPN protocol for the FreeBSD 13 kernel. This is great news for BSD folks—and users of BSD-based routing appliances and distros such as pfSense and opnSense.