WireGuard Archive on lore.kernel.org
 help / Atom feed
* Multiple endpoints with same public key
@ 2018-12-03  9:22 Davide Depau
  2018-12-03 13:11 ` Toke Høiland-Jørgensen
  0 siblings, 1 reply; 2+ messages in thread
From: Davide Depau @ 2018-12-03  9:22 UTC (permalink / raw)
  To: WireGuard mailing list

[-- Attachment #1.1: Type: text/plain, Size: 1515 bytes --]

A few days ago I was struggling with a very slow connection and I was
wondering whether WireGuard can support this setup (please see attached
graph).

There is a WireGuard server (the port it's listening on is reachable from
the outside), then one client with two interfaces connected to the Internet
with two different IP addresses.

Is it possible to have *one* WireGuard interface on the client, which sends
packets to the server through both interfaces in a round-robin fashion? I
would expect the server to detect the client (identified by the public key)
is sending packets from multiple endpoints, and send packets to both
endpoints.

If that's not possible with the current implementation (it should not as it
would break roaming), can it be implemented as a new feature?

One solution that keeps roaming working would be to explicitly enable the
multiple endpoints feature for each peer in the config file. If it's
enabled, keepalive packets are always sent at a configurable rate on both
ends and, when they don't get acknoweledged from one endpoint, it is
discarded.
If the feature is not enabled, the peers behave as they do now.

I'm not sure how the peer with multiple outgoing interfaces could be
configured to use all of them, though. I'll just leave this here so if you
think the idea might be good somebody may come up with a solution.
-- 

--

Davide Depau
PoliEdro <https://poliedro-polimi.it/> – PoliMi Pride <https://polimipride.it/>
Cell: +39 327 798 7963

[-- Attachment #1.2: Type: text/html, Size: 2659 bytes --]

[-- Attachment #2: drawing.pdf --]
[-- Type: application/pdf, Size: 12149 bytes --]

[-- Attachment #3: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: Multiple endpoints with same public key
  2018-12-03  9:22 Multiple endpoints with same public key Davide Depau
@ 2018-12-03 13:11 ` Toke Høiland-Jørgensen
  0 siblings, 0 replies; 2+ messages in thread
From: Toke Høiland-Jørgensen @ 2018-12-03 13:11 UTC (permalink / raw)
  To: Davide Depau, WireGuard mailing list

Davide Depau <davide@depau.eu> writes:

> A few days ago I was struggling with a very slow connection and I was
> wondering whether WireGuard can support this setup (please see attached
> graph).
>
> There is a WireGuard server (the port it's listening on is reachable from
> the outside), then one client with two interfaces connected to the Internet
> with two different IP addresses.
>
> Is it possible to have *one* WireGuard interface on the client, which sends
> packets to the server through both interfaces in a round-robin fashion? I
> would expect the server to detect the client (identified by the public key)
> is sending packets from multiple endpoints, and send packets to both
> endpoints.

I think this would be better solved at a higher layer: Run two tunnels
(to two different port numbers on the server, for instance), and have
the kernel do ECMP routing across both wireguard interfaces...

-Toke
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-12-03  9:22 Multiple endpoints with same public key Davide Depau
2018-12-03 13:11 ` Toke Høiland-Jørgensen

WireGuard Archive on lore.kernel.org

Archives are clonable: git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/ public-inbox