* wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
@ 2018-04-10 12:32 Christophe-Marie Duquesne
  2018-04-10 12:48 ` ST
                   ` (3 more replies)
  0 siblings, 4 replies; 12+ messages in thread
From: Christophe-Marie Duquesne @ 2018-04-10 12:32 UTC (permalink / raw)
  To: wireguard

Hi,

In an old thread [1], danrl suggested deriving node addresses from the
peer public keys. I liked this idea, so I wrote a tool to do it. It
works like this:

generate an ipv6 address from the default ipv6 subnet of the script
(fd1a:6126:2887::/48):
wg-ip -6 gen uymIRDopubn0XRLLRTymOvuK2iG90wRcXxhsb2EOYzg=
fd1a:6126:2887:17a1:2793:518a:7886:e8a4

generate an ipv4 address from the default ipv4 subnet of the script
(10.0.0.0/8):
wg-ip -4 gen uymIRDopubn0XRLLRTymOvuK2iG90wRcXxhsb2EOYzg=
10.0.37.175

generate an ip address from a custom subnet (ip version inferred from prefix):
wg-ip --subnet 172.16.0.0/12 gen uymIRDopubn0XRLLRTymOvuK2iG90wRcXxhsb2EOYzg=
172.16.37.175

assign an ip address to the selected interface and allowed ips to the
peers, all in the same subnet (existing allowed ips are preserved):
wg-ip [-4|-6|--subnet <subnet>] [dev wg0] apply

or just see which commands 'apply' would run
wg-ip [-4|-6|--subnet <subnet>] [dryrun]

Derivation algorithm: the bytes of the ip address are taken from the
beginning bytes of the sha256 hash of the corresponding pubkey, and
are masked with the network mask.

The tool does not handle collisions nor special addresses: The idea is
to pick a subnet large enough so that these cases are unlikely enough.
For ipv6, with a /48 prefix, that would be an 80-bit address space, so
birthday attacks say one needs about 2^40 peers until they reach a
significant risk of collision, which will fill the routing table well
before this even becomes a problem. For ipv4 with the 10.0.0.0/8, the
address space is 24 bits, so odds are still pretty good until 2^12
peers, but this time it is reachable. For my personal needs (about 10
peers) and for anyone with a network of less than 1000 peers (if my
maths are correct), it should be largely sufficient (collision
probability under 5%). Worst case, if you don't like the ip address
generated, just use another key pair.

It is written in bash, in the spirit of wg-quick. I am definitely open
to have it integrated in wireguard if people show interest.

https://github.com/chmduquesne/wg-ip

[1]: https://lists.zx2c4.com/pipermail/wireguard/2016-December/000812.html
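
The derivation described in the message above, as an added example that is not part of the original post and is not wg-ip's code. It assumes the raw 32-byte key (not its base64 text) is hashed, so its output is not guaranteed to match wg-ip's; the function names and the constructed sample keys are hypothetical. It also shows the collision and special-address checks that the post says the tool leaves out.

```python
import base64
import hashlib
import ipaddress
from collections import defaultdict

# Public key quoted in the post; the others are constructed sample keys.
POSTED_KEY = "uymIRDopubn0XRLLRTymOvuK2iG90wRcXxhsb2EOYzg="
SAMPLE_KEYS = [base64.b64encode(bytes([i]) * 32).decode() for i in range(1, 6)]


def derive_address(pubkey_b64, subnet):
    """Map a base64 WireGuard public key to an address inside subnet."""
    net = ipaddress.ip_network(subnet)
    key = base64.b64decode(pubkey_b64, validate=True)
    if len(key) != 32:
        raise ValueError("a WireGuard public key decodes to 32 bytes")
    # Assumption: the raw key bytes are hashed (the post does not say).
    digest = hashlib.sha256(key).digest()
    nbytes = net.max_prefixlen // 8  # 4 for IPv4, 16 for IPv6
    candidate = int.from_bytes(digest[:nbytes], "big")
    # Keep only the host bits, then put the network prefix on top.
    host = candidate & int(net.hostmask)
    return type(net.network_address)(int(net.network_address) | host)


def is_special(addr, subnet):
    """True for the all-zero host part, or the IPv4 broadcast address."""
    net = ipaddress.ip_network(subnet)
    if addr == net.network_address:
        return True
    return net.version == 4 and addr == net.broadcast_address


def find_collisions(pubkeys, subnet):
    """Return {address: [keys]} for every address claimed by 2+ keys."""
    owners = defaultdict(list)
    for key in pubkeys:
        owners[derive_address(key, subnet)].append(key)
    return {a: ks for a, ks in owners.items() if len(ks) > 1}


if __name__ == "__main__":
    for subnet in ("10.0.0.0/8", "fd1a:6126:2887::/48"):
        print(subnet, "->", derive_address(POSTED_KEY, subnet))
    # Five keys in a /30 (four addresses) must collide at least once.
    for addr, keys in find_collisions(SAMPLE_KEYS, "10.0.0.0/30").items():
        print("collision on", addr, "between", len(keys), "keys")
```

Because two different keys can map to the same address, a derived address identifies a peer only as far as the subnet is large enough to make collisions negligible; the key remains the identity.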


* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-10 12:32 wg-ip, a tool to assign automatic ip addresses to wireguard interfaces Christophe-Marie Duquesne
@ 2018-04-10 12:48 ` ST
  2018-04-10 12:57 ` ST
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 12+ messages in thread
From: ST @ 2018-04-10 12:48 UTC (permalink / raw)
  To: Christophe-Marie Duquesne; +Cc: wireguard

Hi Christophe-Marie,

I'm interested in it being integrated into WG, as it is exactly what I
asked for in this list several weeks ago.

Thank you!



* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-10 12:32 wg-ip, a tool to assign automatic ip addresses to wireguard interfaces Christophe-Marie Duquesne
  2018-04-10 12:48 ` ST
@ 2018-04-10 12:57 ` ST
  2018-04-11 20:45 ` Christophe-Marie Duquesne
  2018-04-13 22:25 ` Jason A. Donenfeld
  3 siblings, 0 replies; 12+ messages in thread
From: ST @ 2018-04-10 12:57 UTC (permalink / raw)
  To: Christophe-Marie Duquesne; +Cc: wireguard

PS: you write that the "tool does not handle collisions", but does it
recognize and/or warn about them? I.e. if a peer with the newly
suggested IP exists already - will it warn?

For automation it would be nice to have some sort of "force" or
"keep-trying" options, so the tool regenerates the keys trying to find a
free IP and subsequently assigns it. With the enabled SaveConfig options
the new IP will be saved in the config file...



* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-10 12:32 wg-ip, a tool to assign automatic ip addresses to wireguard interfaces Christophe-Marie Duquesne
  2018-04-10 12:48 ` ST
  2018-04-10 12:57 ` ST
@ 2018-04-11 20:45 ` Christophe-Marie Duquesne
  2018-04-12  9:01   ` ST
  2018-04-12 11:42   ` Christophe-Marie Duquesne
  2018-04-13 22:25 ` Jason A. Donenfeld
  3 siblings, 2 replies; 12+ messages in thread
From: Christophe-Marie Duquesne @ 2018-04-11 20:45 UTC (permalink / raw)
  To: wireguard

Hum, I thought this thread had gone unanswered because nothing ever
reached my inbox, but I just found out about the answers browsing the
archive:

from https://lists.zx2c4.com/pipermail/wireguard/2018-April/002594.html:
> I'm interested in it being integrated into WG, as it is exactly what I
> asked for in this list several weeks ago.

Ok, I should rephrase what I wrote: it is more _if_ the wireguard
authors think it would be relevant to host this script directly in the
wireguard repo, I will gladly send a patch. In any case, I will
maintain this separately for my own use.

from https://lists.zx2c4.com/pipermail/wireguard/2018-April/002595.html:
> PS: you write that the "tool does not handle collisions", but does it
> recognize and/or warn about them? I.e. if a peer with the newly
> suggested IP exists already - will it warn?

No, no detection is attempted. The script will not warn you.

> For automation it would be nice to have some sort of "force" or
> "keep-trying" options, so the tool regenerates the keys trying to find a
> free IP and subsequently assigns it. With the enabled SaveConfig options
> the new IP will be saved in the config file...

This is why there is a 'gen' command to make an ip for a single
pubkey. I do not see a good way to extract that info from a particular
wireguard interface, because this interface might not know all other
peers involved in the network, so I find it pointless to scan for
collisions since you can do this and it will still go undetected.

If you absolutely want to be sure to generate a key pair which
generates an ip that is guaranteed to not collide with existing peers,
it should be fairly straightforward. Assuming all the ips of existing
peers are in the file 'ips':

found=0
for i in $(seq 1 1000); do # try 1000 times
  privkey=$(wg genkey)
  ip=$(echo "$privkey" | wg pubkey | xargs wg-ip gen)
  # -x: whole-line match, -F: fixed string (dots in the ip are not regex)
  if ! grep -qsxF "$ip" ips; then
    echo "privkey: $privkey"
    echo "pubkey: $(echo "$privkey" | wg pubkey)"
    found=1
    break
  fi
done
# only report failure when no attempt produced a free ip
[ "$found" -eq 1 ] || echo "Could not generate a non colliding key"

I could add this to the script, but I figured that for the number of
peers I have and for the network ranges I am using, it is utterly
pointless. How many peers do you intend to have?

By the way, I just took care of removing all bashisms and I added
automated testing of this script with the 'dash' shell. It should be
safe to run on platforms where bash is not present, such as openwrt.

Cheers,
Christophe-Marie


* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-11 20:45 ` Christophe-Marie Duquesne
@ 2018-04-12  9:01   ` ST
  2018-04-12 11:42   ` Christophe-Marie Duquesne
  1 sibling, 0 replies; 12+ messages in thread
From: ST @ 2018-04-12  9:01 UTC (permalink / raw)
  To: Christophe-Marie Duquesne; +Cc: wireguard


> from https://lists.zx2c4.com/pipermail/wireguard/2018-April/002595.html:
> > PS: you write that the "tool does not handle collisions", but does it
> > recognize and/or warn about them? I.e. if a peer with the newly
> > suggested IP exists already - will it warn?
> 
> No, no detection is attempted. The script will not warn you.
> 
> > For automation it would be nice to have some sort of "force" or
> > "keep-trying" options, so the tool regenerates the keys trying to find a
> > free IP and subsequently assigns it. With the enabled SaveConfig options
> > the new IP will be saved in the config file...
> 
> This is why there is a 'gen' command to make an ip for a single
> pubkey. I do not see a good way to extract that info from a particular
> wireguard interface, because this interface might not know all other
> peers involved in the network, so I find it pointless to scan for
> collisions since you can do this and it will still go undetected.

You are right. Such a scan only makes sense on a "central server" which
knows _all_ other peers, but such a use case is quite common.

Another easy way to let all peers be aware of all peers (complete N:N
mesh) is through introduction of "includes" in the config file, as I've
recently proposed:

https://lists.zx2c4.com/pipermail/wireguard/2018-March/002561.html

Unfortunately there was no feedback on that suggestion...

> If you absolutely want to be sure to generate a key pair which
> generates an ip that is guaranteed to not collide with existing peers,
> it should be fairly straightforward. Assuming all the ips of existing
> peers are in the file 'ips':
> 
> found=0
> for i in $(seq 1 1000); do # try 1000 times
>   privkey=$(wg genkey)
>   ip=$(echo "$privkey" | wg pubkey | xargs wg-ip gen)
>   # -x: whole-line match, -F: fixed string (dots in the ip are not regex)
>   if ! grep -qsxF "$ip" ips; then
>     echo "privkey: $privkey"
>     echo "pubkey: $(echo "$privkey" | wg pubkey)"
>     found=1
>     break
>   fi
> done
> # only report failure when no attempt produced a free ip
> [ "$found" -eq 1 ] || echo "Could not generate a non colliding key"

Thank you! I'm not that experienced with bash scripting so this will be
useful!

What I was thinking to implement is the following: there is a central
publicly visible server with a script `add_peer` . Once called without
any arguments, the script is supposed to automatically add a new peer to
the configuration of the central server (i.e. to itself) and output a
complete corresponding configuration for the peer. This way you can span
a VPN automatically...

> I could add this to the script, but I figured that for the number of
> peers I have and for the network ranges I am using, it is utterly
> pointless. How many peers do you intend to have?

It will depend how popular the project will be. Theoretically it could
be 100'000 or even more peers. And for certain reasons I prefer to use
ip4.

> By the way, I just took care of removing all bashisms and I added
> automated testing of this script with the 'dash' shell. It should be
> safe to run on platform where bash is not present, such as openwrt.

Thank you!


* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-11 20:45 ` Christophe-Marie Duquesne
  2018-04-12  9:01   ` ST
@ 2018-04-12 11:42   ` Christophe-Marie Duquesne
  2018-04-12 12:54     ` jens
                       ` (2 more replies)
  1 sibling, 3 replies; 12+ messages in thread
From: Christophe-Marie Duquesne @ 2018-04-12 11:42 UTC (permalink / raw)
  To: wireguard

Weird. Once again, I did not receive this answer and saw it on the
online archive.

from https://lists.zx2c4.com/pipermail/wireguard/2018-April/002598.html:
> > I could add this to the script, but I figured that for the number of
> > peers I have and for the network ranges I am using, it is utterly
> > pointless. How many peers do you intend to have?
>
> It will depend how popular the project will be. Theoretically it could
> be 100'000 or even more peers. And for certain reasons I prefer to use
> ip4.

With this amount of peers, using such a method is a very, very bad
idea. Even in the 10.0.0.0/8 range, so a 24 bits address space,
generating pseudo-random ip addresses will not work. In that space,
the probability of collision for a new peer is about 1-e^(- n^2/ 2^25)
(see https://en.wikipedia.org/wiki/Birthday_problem#Approximations).
- With n=2^12 (4096 peers), that is a 40% chance.
- With n=2^13 (8192 peers), that is 85 %.
- With n=2^14 (16384 peers), that is 99.9%
- At n=2^15... My calculator already approximates this to 100%, and we
are not even close to your target (32768 peers, we need to quadruple
this to reach 100.000 peers).
This means that randomly generating an address which does not collide
with existing peers is increasingly more expensive, for each new peer.
You will re-try more and more before you can generate a key pair that
yields a non colliding ip address. This is simply not doable.

Long story short, you need a proper central server that will find the
next ip address, or you need to stick to ipv6 (and in that case the
address space makes it pointless to do that check).
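
The figures in the message above, recomputed as an added example (not part of the thread and not wg-ip code). It evaluates the quoted approximation next to the exact birthday product and inverts the approximation to get a peer budget for a chosen risk; the function names are hypothetical.

```python
import math


def collision_probability_approx(n, host_bits):
    """Approximation from the message: 1 - e^(-n^2 / 2^(host_bits + 1))."""
    return -math.expm1(-(n * n) / 2 ** (host_bits + 1))


def collision_probability_exact(n, host_bits):
    """Exact chance that n uniformly drawn addresses are not all distinct."""
    space = 2 ** host_bits
    if n > space:
        return 1.0
    # Sum logarithms instead of multiplying n factors that are close to 1.
    log_all_distinct = sum(math.log1p(-i / space) for i in range(n))
    return -math.expm1(log_all_distinct)


def max_peers_for_risk(risk, host_bits):
    """Largest n whose approximate collision probability stays <= risk."""
    return math.isqrt(int(-math.log1p(-risk) * 2 ** (host_bits + 1)))


if __name__ == "__main__":
    print("10.0.0.0/8, 24 host bits")
    for n in (1000, 2 ** 12, 2 ** 13, 2 ** 14, 2 ** 15, 100000):
        approx = collision_probability_approx(n, 24)
        exact = collision_probability_exact(n, 24)
        print(f"  n={n:>6}  approx={approx:.4f}  exact={exact:.4f}")
    print("  peers allowed at 5% risk:", max_peers_for_risk(0.05, 24))

    print("/48 IPv6 prefix, 80 host bits")
    # The exact product is impractical at this size, so only the approximation.
    print(f"  n=2^40  approx={collision_probability_approx(2 ** 40, 80):.4f}")
    print("  peers allowed at 5% risk:", max_peers_for_risk(0.05, 80))
```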


* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-12 11:42   ` Christophe-Marie Duquesne
@ 2018-04-12 12:54     ` jens
  2018-04-12 12:56     ` Matthias Urlichs
  2018-04-12 13:21     ` mikma.wg
  2 siblings, 0 replies; 12+ messages in thread
From: jens @ 2018-04-12 12:54 UTC (permalink / raw)
  To: WireGuard mailing list

I once wrote a script for some openWRT (lede) routers for Freifunk.
First of all, take IPv6 inside your tunnel, and mix localnet V6
addresses with the MAC - this way you get a very distinct pair of V6
address and key.
This assumes that a server has a fixed ip and key.

The key line in the setup is this:
uci set wireguard.wireguard.ownip=fdf1::$(cat /sys/class/net/eth0/address|awk 'BEGIN{FS=":"}{print $1$2":"$3$4":"$5$6}')

found here, if you want to look around a bit
https://github.com/viisauksena/gluon-mesh-wireguard/blob/cb77788ee49fe5b81789d01eed49aa30e971dd8e/files/lib/gluon/upgrade/405-wireguard

maybe this brings some new hints-- the gluon wireguard project has
actually stopped.

greetz


--
make the world nicer, please use PGP encryption


* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-12 11:42   ` Christophe-Marie Duquesne
  2018-04-12 12:54     ` jens
@ 2018-04-12 12:56     ` Matthias Urlichs
  2018-04-12 13:21     ` mikma.wg
  2 siblings, 0 replies; 12+ messages in thread
From: Matthias Urlichs @ 2018-04-12 12:56 UTC (permalink / raw)
  To: wireguard



On 12.04.2018 13:42, Christophe-Marie Duquesne wrote:
> And for certain reasons I prefer to use ip4.

I'd recommend a closer look at those reasons.

In other words: whatever problems prevent you from using IPv6, get them
fixed.

-- 
-- Matthias Urlichs




* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-12 11:42   ` Christophe-Marie Duquesne
  2018-04-12 12:54     ` jens
  2018-04-12 12:56     ` Matthias Urlichs
@ 2018-04-12 13:21     ` mikma.wg
  2 siblings, 0 replies; 12+ messages in thread
From: mikma.wg @ 2018-04-12 13:21 UTC (permalink / raw)
  To: wireguard



On 04/12/2018 01:42 PM, Christophe-Marie Duquesne wrote:

> Long story short, you need a proper central server that will find the
> next ip address, or you need to stick to ipv6 (and in that case the
> address space makes it pointless to do that check).

I think one option is to use the DHCPv4-over-DHCPv6 (DHCP 4o6) Transport 
defined in RFC 7341. In that case you would need a link-local IPv6 
address which is used with DHCPv6. Via DHCPv6 you will be able to 
receive the DHCP 4o6 server address option. And then request an IPv4 
address using the DHCP 4o6 server.

https://datatracker.ietf.org/doc/rfc7341/

/Mikma


* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-10 12:32 wg-ip, a tool to assign automatic ip addresses to wireguard interfaces Christophe-Marie Duquesne
                   ` (2 preceding siblings ...)
  2018-04-11 20:45 ` Christophe-Marie Duquesne
@ 2018-04-13 22:25 ` Jason A. Donenfeld
  2018-04-14  8:40   ` Christophe-Marie Duquesne
  2018-04-14 11:51   ` Claude
  3 siblings, 2 replies; 12+ messages in thread
From: Jason A. Donenfeld @ 2018-04-13 22:25 UTC (permalink / raw)
  To: Christophe-Marie Duquesne; +Cc: gruetzkopf, WireGuard mailing list

Hi Christophe,

Thanks for writing this. Very cool work. As part of GSoC this summer,
Martin (CC'd) is going to be working on a dynamic provisioning
protocol over IPv6. One of the things we'll be investigating is
whether it's best to derive a v6 address from a public key or whether
it's best to make these separate/unrelated and share them alongside
the public key. While the former is much more elegant, a significant
problem is choosing the right behavior and assessing the security
concerns with collisions. Do let me know if you'd like to join in the
fun in trying to work out those problems. It looks to me like you've
already begun with this nice tool here.

Jason


* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-13 22:25 ` Jason A. Donenfeld
@ 2018-04-14  8:40   ` Christophe-Marie Duquesne
  2018-04-14 11:51   ` Claude
  1 sibling, 0 replies; 12+ messages in thread
From: Christophe-Marie Duquesne @ 2018-04-14  8:40 UTC (permalink / raw)
  To: Jason A. Donenfeld; +Cc: gruetzkopf, wireguard


Hi Jason,

Sure, I would be happy to help!

@Martin: based on your name and some quick googling, I assume you are
German. If you are in Munich, let me know, we could meet and discuss
your GSoC topic in real life.

Best,
Christophe-Marie



* Re: wg-ip, a tool to assign automatic ip addresses to wireguard interfaces
  2018-04-13 22:25 ` Jason A. Donenfeld
  2018-04-14  8:40   ` Christophe-Marie Duquesne
@ 2018-04-14 11:51   ` Claude
  1 sibling, 0 replies; 12+ messages in thread
From: Claude @ 2018-04-14 11:51 UTC (permalink / raw)
  To: wireguard

Hi,

> One of the things we'll be investigating is whether it's best to
> derive a v6 address from a public key or whether it's best to make
> these separate/unrelated and share them alongside the public key.
> While the former is much more elegant, a significant problem is
> choosing the right behavior and assessing the security concerns with
> collisions. 

Not sure if you're already aware of it, but there is this project called
cjdns which does exactly this. The IPv6 is derived from the public key.
https://github.com/cjdelisle/cjdns/blob/master/doc/notes/cryptography.md

Maybe you can use that for some ideas or inspirations / evaluations.

Claude
