wireguard.lists.zx2c4.com archive mirror
* Getting IPv6 route advertisements to work over WG
@ 2018-08-27 12:14 Roman Mamedov
From: Roman Mamedov @ 2018-08-27 12:14 UTC (permalink / raw)
  To: wireguard

Hello,

I am trying to get IPv6 link-local IPs and route advertisements to work over
WG. The reason is not for the usual case of address autoconfiguration, but to
use RA as a dynamic routing protocol of sorts, as it can distribute routes --
or in the case of WG (where routes need to be static in AllowedIPs), act as a
keep-alive protocol.

Example use: a host can be connected to a network via a number of independent
routers (and a separate WG tunnel to each); in case one of the routers goes
down, the route entry that it was sending via RA times out, so the host will
automatically use the other one(s) to reach that network. It would look
similar to this:

# ip -6 route
...
fd00::/32 via fe80::be:a0ff:fe18:4aac dev wg1 proto ra metric 1024  expires 30sec pref medium
fd00::/32 via fe80::e8:4fff:fe94:2d7f dev wg2 proto ra metric 1024  expires 119sec pref medium
fd00::/32 via fe80::43:31ff:fec0:da97 dev wg3 proto ra metric 1024  expires 86360sec pref low
...

What works:

  * manually assigning link-local (LL) IPs on both sides of a WG tunnel
    (fe80:[somethingrandom]/64 scope link);
  * any normal communication over these LL IPs (assuming they are also present
    in AllowedIPs);
  * running RADVD with WG link as one of its interfaces;
  * explicitly requesting and receiving an RA, by using 'rdisc6' while specifying the
    other side's LL IP;

What doesn't:

  * it appears multicast is not supported, so anything involving
    multicast, as in automatically requesting RAs on the kernel side, or
    manually with 'rdisc6' but without specifying the peer's LL:

      # rdisc6 wg3
      Soliciting ff02::2 (ff02::2) on wg3...
      Sending ICMPv6 packet: Required key not available

I found a discussion[1], but it is unclear what the outcome is. In any case, I
would like to add my vote to please add some kind of multicast support, even
if just as a dumb broadcast for now. It would work just fine for a lot of
cases; don't know about others, but my WG networks tend to include at most 2-3
hosts each (but there's a lot of independent networks).

[1] https://lists.zx2c4.com/pipermail/wireguard/2017-April/001177.html

-- 
With respect,
Roman
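
An added example, not part of the original message: a small monitoring check that parses `ip -6 route` output like the sample quoted above and reports which WG tunnels still carry a fresh RA-learned route for a prefix and which are close to timing out. The `min_lifetime` threshold and the function names are hypothetical, and the ordering is for reporting only; it does not reproduce the kernel's own route selection.

```python
import re

# Constructed sample: the three RA-learned routes quoted in the message above.
SAMPLE = """\
fd00::/32 via fe80::be:a0ff:fe18:4aac dev wg1 proto ra metric 1024  expires 30sec pref medium
fd00::/32 via fe80::e8:4fff:fe94:2d7f dev wg2 proto ra metric 1024  expires 119sec pref medium
fd00::/32 via fe80::43:31ff:fec0:da97 dev wg3 proto ra metric 1024  expires 86360sec pref low
"""

ROUTE_RE = re.compile(
    r"^(?P<prefix>\S+) via (?P<via>\S+) dev (?P<dev>\S+) proto ra"
    r" metric (?P<metric>\d+)\s+expires (?P<expires>-?\d+)sec"
    r"(?:.*?\bpref (?P<pref>low|medium|high))?"
)
PREF_RANK = {"high": 0, "medium": 1, "low": 2}


def parse_ra_routes(text):
    """Return one dict per RA-learned route line; other lines are skipped."""
    routes = []
    for line in text.splitlines():
        m = ROUTE_RE.match(line.strip())
        if not m:
            continue
        r = m.groupdict()
        r["metric"] = int(r["metric"])
        r["expires"] = int(r["expires"])
        r["pref"] = r["pref"] or "medium"  # treat a missing pref as medium
        routes.append(r)
    return routes


def tunnel_status(text, prefix, min_lifetime=60):
    """Split tunnels advertising `prefix` into (healthy, stale) device lists.

    min_lifetime is a hypothetical threshold in seconds: a route with less
    time left than this is reported as stale (close to expiring).
    """
    healthy, stale = [], []
    for r in parse_ra_routes(text):
        if r["prefix"] != prefix:
            continue
        (healthy if r["expires"] >= min_lifetime else stale).append(r)
    # Report order: metric, then router preference, then longest lifetime.
    healthy.sort(key=lambda r: (r["metric"], PREF_RANK[r["pref"]], -r["expires"]))
    return [r["dev"] for r in healthy], [r["dev"] for r in stale]


if __name__ == "__main__":
    print(tunnel_status(SAMPLE, "fd00::/32"))
```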
