WireGuard Archive on lore.kernel.org
 help / Atom feed
* Android and Manjaro road warriors behind dynamic IP addresses/Carrier Grade NAT?
@ 2018-12-29 12:16 Rene 'Renne' Bartsch, B.Sc. Informatics
  2018-12-29 12:53 ` Markus Grundmann
  0 siblings, 1 reply; 4+ messages in thread
From: Rene 'Renne' Bartsch, B.Sc. Informatics @ 2018-12-29 12:16 UTC (permalink / raw)
  To: wireguard

Hi,

we have Android and Manjaro road warriors which are often behind internet sockets with dynamic IP addresses AND Carrier Grade NAT.

Does anyone know a trick how to initiate a direct Wireguard connection between to road warriors without knowing their endpoint IP addresses/ports?

Regards,

Renne
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Android and Manjaro road warriors behind dynamic IP addresses/Carrier Grade NAT?
  2018-12-29 12:16 Android and Manjaro road warriors behind dynamic IP addresses/Carrier Grade NAT? Rene 'Renne' Bartsch, B.Sc. Informatics
@ 2018-12-29 12:53 ` Markus Grundmann
  2018-12-29 13:49   ` Rene 'Renne' Bartsch, B.Sc. Informatics
  0 siblings, 1 reply; 4+ messages in thread
From: Markus Grundmann @ 2018-12-29 12:53 UTC (permalink / raw)
  To: wireguard

Hi Renne,

for this reason I use a jump server based on SSH in the middle of the
nodes.

<snip>
[authorized_keys]
no-port-forwarding,no-X11-forwarding,command="~/bin/poll .my-ip ; cat
~/.remote-ip" ssh-rsa AAAAB3N ...
</snap>

After you have received the IP addresses you can use "wg" to set the new
endpoint address on both nodes. The small script named "/bin/poll" uses
the environment variables of SSH to wrote the current IP into a file.

Best regards,
Markus

On 29.12.18 13:16, Rene 'Renne' Bartsch, B.Sc. Informatics wrote:
> Hi,
> 
> we have Android and Manjaro road warriors which are often behind
> internet sockets with dynamic IP addresses AND Carrier Grade NAT.
> 
> Does anyone know a trick how to initiate a direct Wireguard connection
> between to road warriors without knowing their endpoint IP addresses/ports?
> 
> Regards,
> 
> Renne
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Android and Manjaro road warriors behind dynamic IP addresses/Carrier Grade NAT?
  2018-12-29 12:53 ` Markus Grundmann
@ 2018-12-29 13:49   ` Rene 'Renne' Bartsch, B.Sc. Informatics
  2018-12-30  3:35     ` Bruno Wolff III
  0 siblings, 1 reply; 4+ messages in thread
From: Rene 'Renne' Bartsch, B.Sc. Informatics @ 2018-12-29 13:49 UTC (permalink / raw)
  To: wireguard

Hi Markus,

that's what I thought about, too. It means to add another authentication system (SSH) and fiddle around on Android smartphones.

Is there any way for Wireguard peers with static IP addresses to push endpoint information of all connected peers to all other peers?
Or at least a hook which allows to dump changing endpoints into a file in real-time?

The optimal solution would be to integrate something like https://github.com/manuels/wireguard-p2p (DHT + hole punching techniques) into Wireguard itself.

Addressing by public keys and resolving IP-addresses/ports by a DHT would even make Wireguard John-Doe-compatible. ;-)

Regards,

Renne



Am 29.12.18 um 13:53 schrieb Markus Grundmann:
> Hi Renne,
> 
> for this reason I use a jump server based on SSH in the middle of the
> nodes.
> 
> <snip>
> [authorized_keys]
> no-port-forwarding,no-X11-forwarding,command="~/bin/poll .my-ip ; cat
> ~/.remote-ip" ssh-rsa AAAAB3N ...
> </snap>
> 
> After you have received the IP addresses you can use "wg" to set the new
> endpoint address on both nodes. The small script named "/bin/poll" uses
> the environment variables of SSH to wrote the current IP into a file.
> 
> Best regards,
> Markus
> 
> On 29.12.18 13:16, Rene 'Renne' Bartsch, B.Sc. Informatics wrote:
>> Hi,
>>
>> we have Android and Manjaro road warriors which are often behind
>> internet sockets with dynamic IP addresses AND Carrier Grade NAT.
>>
>> Does anyone know a trick how to initiate a direct Wireguard connection
>> between to road warriors without knowing their endpoint IP addresses/ports?
>>
>> Regards,
>>
>> Renne
>> _______________________________________________
>> WireGuard mailing list
>> WireGuard@lists.zx2c4.com
>> https://lists.zx2c4.com/mailman/listinfo/wireguard
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
> 
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Android and Manjaro road warriors behind dynamic IP addresses/Carrier Grade NAT?
  2018-12-29 13:49   ` Rene 'Renne' Bartsch, B.Sc. Informatics
@ 2018-12-30  3:35     ` Bruno Wolff III
  0 siblings, 0 replies; 4+ messages in thread
From: Bruno Wolff III @ 2018-12-30  3:35 UTC (permalink / raw)
  To: Rene 'Renne' Bartsch, B.Sc. Informatics; +Cc: wireguard

On Sat, Dec 29, 2018 at 14:49:56 +0100,
  "Rene 'Renne' Bartsch, B.Sc. Informatics" <ml@bartschnet.de> wrote:
>
>Is there any way for Wireguard peers with static IP addresses to push endpoint information of all connected peers to all other peers?
>Or at least a hook which allows to dump changing endpoints into a file in real-time?

I have a /29 at home and I have set up 2 laptops to have static IP addresses 
that can be used to connect to them, no matter what network they are 
connected to.

I use a local router to relay the traffic.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-12-29 12:16 Android and Manjaro road warriors behind dynamic IP addresses/Carrier Grade NAT? Rene 'Renne' Bartsch, B.Sc. Informatics
2018-12-29 12:53 ` Markus Grundmann
2018-12-29 13:49   ` Rene 'Renne' Bartsch, B.Sc. Informatics
2018-12-30  3:35     ` Bruno Wolff III

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/ public-inbox