My Comments On SoftEther VPN #1409
Replies: 3 comments 1 reply
-
Back when I first discovered the project, I struggled to understand what exactly the native/SoftEther protocol is. The reason is the same as to why nobody adopted the protocol: lack of documentation. The code definitely needs a refactor (e.g. #1189), but the concept itself is brilliant. As for the protocol being L2: it's awesome because it's just like connecting to a physical Ethernet switch. Finally, we have to investigate what's happening on Linux clients (#1387).
The WireGuard implementation is indeed only IPv4 for now, I will add support for IPv6 as soon as possible. We should also add IPv6 support to virtual DHCP server, in addition to static leases.
There was already high demand for the feature years ago: #13 In theory we only have to add support for the new key exchange stuff.
This is one of the top priorities. The API documentation can be found at https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/src/bin/hamcore/vpnserver_api_doc.html
We have been thinking about that, but didn't make a decision yet. More specifically, we would like to see if enough donations start coming through now that we have set up ways to do so.
I think the main reason why OpenVPN Access is used is because it offers an administration web interface. However, it's also true that OpenVPN is much more known than SoftEther VPN outside of Japan. We have to work on presenting the project better in any case.
I agree. As for a stable 5.x release: I'm not sure. 5.x is kind of a rolling release at this point.
I'm actually planning to automatize the process and keep the documentation files in the repository and/or serve them on
Absolutely, we appreciate that. Thank you very much for the long post!
I read the issue, but didn't investigate yet. I'll do that. |
Beta Was this translation helpful? Give feedback.
-
@andrewfer000 , as you can see PR queue is very short. And we accept contributions in very friendly way. But there are not many people ready to contribute |
Beta Was this translation helpful? Give feedback.
-
@davidebeatrici I can help quite a bit with the 5th topic I listed. Just shoot me a message if you guys need any tips or good starting points. I also think a new website redesign is needed. SoftEther needs to be brought in the new decade. Honestly it feels like it's still stuck in 2011 when it comes website looks. |
Beta Was this translation helpful? Give feedback.
-
I Have been using SoftEtherVPN for about a year now, and I gotta say I love it and I wish there were more programs like it out there. However I do have some comments as a user, tester, and future network administrator.
SoftEther VPN Project should put a little more focus on the SoftEther Protocol itself again. I know that the developers have been busy with polishing up the code and that's very important too. I only say it because it only works well with Windows and pretty much not at all on many of the GNU/Linux OSes I have tried. I think SoftEther is an amazing L2 VPN Protocol (much better than OpenVPN L2) and I would love to use it to create a secure, fast, and lightweight network between my low-power Homebrew IoT (Raspberry Pis and other SBC) devices and my VPS servers in the cloud.
IPv6 Across the board... I've been wanting to say this for awhile, and there was great progress on L2TP/IPsec and SSTP's IPv6 support. But it would be nice to see it on OpenVPN and WireGuard (if WG does not already support it, haven't tried it). This should also include changes to the virtual DHCP server in order to support it if the server machine supports it. IPv6 is the future of the internet and very important since we are technically out of IPv4s. On the other hand, pretty much all the internet is still running on v4 so there is still plenty of time. But I would like to see it in the future. Also fixing the PPP+IPv6 issues for Linux Clients would be a nice touch. But not 100% necessary for now and for all I know could have more to do with Linux itself.
IKEv2/IPsec (*Swan) Clone Server would a nice addition since it is going to be the new standard on Android 12 and later. This new protocol can likely be implemented along side the L2TP/IPsec protocol since it uses the same ports and IPsec suite. I think it uses PPP too so hopefully all that needs to be implemented is the key exchange stuff.
A real full featured web control panel to replace the legacy Windows Only Admin program would be a major upgrade in my opinion. The API seems to be well developed enough to do most things that SoftEther so a nice web interface would be a great way to finally break free from the platform-dependent software. (I could possibly help with this one, I just need some well-developed and explained API documentation)
Commercial Support, Training, and Certification. Currently SoftEther is a 100% FOSS project and I want it to stay that way, At the same time I know the project can really benefit from extra income and more businesses will be able to adopt and contribute to the project if SoftEther offered Technical Support, Training Courses for IT Pros, Certifications that can be earned by these professionals in order to validate their skills, and certified partners who go through the training and can provide 3rd party installation and support services. The business model will be exactly like Zabbix where the Software itself is fully free and open source with all features, but the tech support, training, and certification and cost money. Based on how they are doing, it seems to working very well. Also if this can work out, some of the developers can work on SoftEther full time instead of having to worry about putting food on the table and will allow many businesses to adopt the program.
SoftEther is much better than OpenVPN Access, yet it still lives in it's shadow. I have been reading the documentation on SoftEther and it can do many incredible things that I would of never thought of! Also SoftEther VPN Server supports 6+ Protocols that can share ports while OpenVPN only supports it's own protocol. Honestly the main thing that's holding the project back is what I mentioned above. Start offering technical support and make a name for the project, and new developers, users, and businesses will start flooding in. Also one-click installers for Linode, Digital Ocean, AWS, and Google Cloud would be a great way for people who were thinking about using OpenVPN to think again.
A Project Roadmap would be nice to keep things organized. Maybe try using the Milestones feature on Github to keep track of issues and goals for future releases. I think this is vital to getting more code contributors. (Also when is 5.x going to be ready for stable release? I think that would make a great long term Milestone.)
Better documentation for new features and changes in version 5.x such as how to configure WireGuard and use the ProtoOptionsSet settings on the command line would be a huge help for new users getting into SoftEther. (I'm personally thinking of making a new commands description document similar to the 4.x version on softether.org but for the new commands once I get used to them.)
These are just some comments and recommendations based on my experience, and I hope you consider them. I'm not a good C(++) programmer so I am hoping you (developers) feel the same about some of these issues/features. Speaking of issues, can you please take a look at #1396 and tell me what's up? It's very confusing!
Beta Was this translation helpful? Give feedback.
All reactions