From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: norman.shulman@n-dimension.com Received: from mail-vk0-f43.google.com (mail-vk0-f43.google.com [209.85.213.43]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 53adcf7d for ; Thu, 14 Jul 2016 21:15:15 +0000 (UTC) Received: by mail-vk0-f43.google.com with SMTP id x130so129632934vkc.0 for ; Thu, 14 Jul 2016 14:16:22 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: References: <20160706154834.GH2040@lud.polynome.dn42> From: Norman Shulman Date: Thu, 14 Jul 2016 17:16:19 -0400 Message-ID: To: "Jason A. Donenfeld" Content-Type: multipart/alternative; boundary=94eb2c05631670df0c05379f03be Cc: WireGuard mailing list Subject: Re: [WireGuard] WireGuard cryptokey routing List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , --94eb2c05631670df0c05379f03be Content-Type: text/plain; charset=UTF-8 Hi Jason, Sorry if this sounds too theoretical. I'm just trying to understand the cryptokey routing well enough to determine if it's suitable for our use. The main problem I have is understanding how you can base routing on non-routable addresses, which are not unique. Thanks. Norm On Thu, Jul 7, 2016 at 12:18 PM, Jason A. Donenfeld wrote: > On Thu, Jul 7, 2016 at 6:15 PM, Norman Shulman > wrote: > > Look at it from the server side. There are millions of clients on > millions > > of 192.168.1.0/24 networks, yet a server can communicate with no more > than > > 254 of them. > > Voila, this is where you are most certainly mistaken. > > While a client might have 192.168.1.8 as their IP address for eth0, > their IP address for wg0 can be something completely different. Want a > million clients? Use a /20 as your wireguard device inner IP. > > Anyway, why don't you tell us all what you actually want to do, rather > than these meandering theoretical questions? Then maybe we can help > you effectively. > -- Norman Shulman Sr. Developer/Architect N-Dimension Solutions Inc. 9030 Leslie St, Unit 300 Richmond Hill, ON L4B 1G2 Canada Tel: 905 707-8884 x 226 Fax: 905 707-0886 This email and any files transmitted with it are solely intended for the use of the named recipient(s) and may contain information that is privileged and confidential. If you receive this email in error, please immediately notify the sender and delete this message in all its forms. --94eb2c05631670df0c05379f03be Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi Jason,

Sorry if this sounds too theo= retical. I'm just trying to understand the cryptokey routing well enoug= h to determine if it's suitable for our use. The main problem I have is= understanding how you can base routing on non-routable addresses, which ar= e not unique.

Thanks.

Nor= m


On Thu, Jul 7, 2016 at 12:18 PM, Jason A. Donenfeld <Jason@zx2c4.= com> wrote:
On Thu, Jul 7, 2016 at 6:15 PM, Norman Shulman
<norman.shulman@n-dime= nsion.com> wrote:
> Look at it from the server side. There are millions of clients on mill= ions
> of 192.168.1.0/24 networks, yet a server can communicate with no more = than
> 254 of them.

Voila, this is where you are most certainly mistaken.

While a client might have 192.168.1.8 as their IP address for eth0,
their IP address for wg0 can be something completely different. Want a
million clients? Use a /20 as your wireguard device inner IP.

Anyway, why don't you tell us all what you actually want to do, rather<= br> than these meandering theoretical questions? Then maybe we can help
you effectively.



--
Norman Shulman
S= r. Developer/Architect
N-Dimension Solutions Inc.
9030 Leslie St, Uni= t 300
Richmond Hill, ON L4B 1G2
Canada

Tel: 905 707-8884 x 226=
Fax: 905 707-0886

This email and any files transmitted with it a= re solely intended for the use of the named recipient(s) and may contain in= formation that is privileged and confidential. If you receive this email in= error, please immediately notify the sender and delete this message in all= its forms.
--94eb2c05631670df0c05379f03be--