meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:vpn:wireguard [2024/12/20 21:08] niziaklinux:vpn:wireguard [2025/01/07 20:42] (current) niziak
Line 2: Line 2:
  
   * [[https://www.wireguard.com/netns/]]   * [[https://www.wireguard.com/netns/]]
 +  * [[https://www.procustodibus.com/blog/2021/10/ha-wireguard-site-to-site/|High Availability WireGuard Site to Site]]
 +
 +===== routing =====
 +
 +  * sending: list of allowed IPs behaves as routing table
 +  * receiving: list of allowed IPs behaves as ACL
 +
 +==== mesh ====
 +
 +Duplicated peer IPS (allowed IPs):
 +  * not allowed
 +  * technically wg is working but traffic is directed only to last connected peer ???
 +
 +The same peer IP (allowed IPs) on 2 or more wg interfaces:
 +  * allowed
 +  * kernel routing makes decision
 +
 +Best and clear option:
 +  * P2P wg links
 +  * OSPF or other dynamic routing protocol
 +
 +==== working example ====
  
 ''/24'' subnet routing: ''/24'' subnet routing:
Line 9: Line 31:
 Tested on ''star'' topology, where one peer with external IP accepts connection from others peers. Tested on ''star'' topology, where one peer with external IP accepts connection from others peers.
 All peers were in one ''/24'' subnet. All peers were in one ''/24'' subnet.
 +
 +NOTE: trying to ''MESH'' with ''/24'' doesn't work. When additional P2P connection between two "client" peers was added, connection to "server" peer stop working.
 +
  
 ===== Setup ===== ===== Setup =====