From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: rcwhelan@gmail.com Received: from krantz.zx2c4.com (localhost [127.0.0.1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id f3f97e26 for ; Wed, 6 Dec 2017 13:15:08 +0000 (UTC) Received: from mail-qt0-f175.google.com (mail-qt0-f175.google.com [209.85.216.175]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 15290690 for ; Wed, 6 Dec 2017 13:15:08 +0000 (UTC) Received: by mail-qt0-f175.google.com with SMTP id u42so8835631qte.7 for ; Wed, 06 Dec 2017 05:22:02 -0800 (PST) MIME-Version: 1.0 In-Reply-To: <87a7yw0zmp.fsf@toke.dk> References: <87a7yw0zmp.fsf@toke.dk> From: Ryan Whelan Date: Wed, 6 Dec 2017 08:22:01 -0500 Message-ID: Subject: Re: Babel over wireguard To: =?UTF-8?B?VG9rZSBIw7hpbGFuZC1Kw7hyZ2Vuc2Vu?= Content-Type: multipart/alternative; boundary="001a1140f3e63b192b055fabd6ed" Cc: WireGuard mailing list List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , --001a1140f3e63b192b055fabd6ed Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable If you're gauging interest, I would be very interested in using unicast atop Wireguard for routing selection Thank you for the explanation; very helpful. On Wed, Dec 6, 2017 at 8:11 AM, Toke H=C3=B8iland-J=C3=B8rgensen wrote: > Ryan Whelan writes: > > > Are there any routing protocol implementations that do not depend on > > multicast? > > We are in the process of standardising Babel, and one of the things we > are adding is the ability to run entirely over unicast. So in the > future, Babel will be able to do this (and integration with Wireguard is > one of the things I want to achieve with this). But for now, no > implementation exists. > > Other than that, maybe BGP? But you'd still need integration with > Wireguard if you don't want to just set AllowedIPs to ::/0 > > > In my setup, 2 hosts will be able to route to one another over 2 > > different wg interfaces and I just need something to select whichever > > interface has the least latency. Anything like that exist? :D > > You can do this with point-to-point wireguard links. I.e., as long as > the wireguard link only has two peers, you can set AllowedIPs to > 0.0.0.0/0, ::/0 on both sides, assign manual link-local addresses > (anything in fe80::/64 will work, so you could just assign fe80::1/64 to > one side and fe80::2/64 to the other side; they don't need to be > globally unique either). Then you can run babeld on top, which will > instruct the kernel to send appropriate packets to the wireguard > interface, and wireguard will forward it to the other side. > > It's not currently possible to run a routing daemon on a multi-peer > wireguard interface. The routing daemon would need to reconfigure > wireguard in the kernel when it adds routes. I am planning to add this > to Bird at some point, but have not gotten around to it yet... > > -Toke > --001a1140f3e63b192b055fabd6ed Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
If you're gauging interest, I would be very interested= in using unicast atop Wireguard for routing selection

T= hank you for the explanation; very helpful.=C2=A0=C2=A0

<= /div>

On Wed= , Dec 6, 2017 at 8:11 AM, Toke H=C3=B8iland-J=C3=B8rgensen <toke@toke.dk>= ; wrote:
Ryan Whe= lan <rcwhelan@gmail.com> wr= ites:

> Are there any routing protocol implementations that do not depend on > multicast?

We are in the process of standardising Babel, and one of the things = we
are adding is the ability to run entirely over unicast. So in the
future, Babel will be able to do this (and integration with Wireguard is one of the things I want to achieve with this). But for now, no
implementation exists.

Other than that, maybe BGP? But you'd still need integration with
Wireguard if you don't want to just set AllowedIPs to ::/0

> In my setup, 2 hosts will be able to route to one another over 2
> different wg interfaces and I just need something to select whichever<= br> > interface has the least latency. Anything like that exist? :D

You can do this with point-to-point wireguard links. I.e., as long a= s
the wireguard link only has two peers, you can set AllowedIPs to
0.0.0.0/0= , ::/0 on both sides, assign manual link-local addresses
(anything in fe80::/64 will work, so you could just assign fe80::1/64 to one side and fe80::2/64 to the other side; they don't need to be
globally unique either). Then you can run babeld on top, which will
instruct the kernel to send appropriate packets to the wireguard
interface, and wireguard will forward it to the other side.

It's not currently possible to run a routing daemon on a multi-peer
wireguard interface. The routing daemon would need to reconfigure
wireguard in the kernel when it adds routes. I am planning to add this
to Bird at some point, but have not gotten around to it yet...

-Toke

--001a1140f3e63b192b055fabd6ed--