WireGuard Archive on lore.kernel.org
 help / color / Atom feed
From: Michael Brookes <mgsb81@gmail.com>
To: wireguard@lists.zx2c4.com
Subject: Explanation of multiple addresses in config
Date: Mon, 30 Dec 2019 10:16:32 +0000
Message-ID: <CABfcST9Ovn7=2gmXhKYEmp4tA6w33KnV4f5KEXZtqz33nfVt3g@mail.gmail.com> (raw)


The manpage for wg-quick states one can use Address multiple times in
the Interface section of a config.  I've tried this but it yields
unexpected results.  Here is my config which I'm using on my Ubuntu

PrivateKey = <key>
Address =
Address =

PublicKey = FgVLScjX29jwnXXbHStFpNKcFqbaiNK6LuSWFglrWCo=
AllowedIPs =,
Endpoint = endpoint1:51820
PersistentKeepalive = 10

PublicKey = itXrReVj+wuecrSs+VNnEEkpc7wHb8QhXQtMQUBrOj8=
AllowedIPs =,
Endpoint = endpoint2:51820
PersistentKeepalive = 25

wg-quick up <config> gives me an interface with both addresses
assigned, is listed first, listed second in
the ip addr output.
Running tcpdump in parallel on both peer endpoints and my latop, I
ping an address in the ranges the second peer lists in its AllowedIPs,
for example
tcpdump on the wireguard interfaces shows the following: -> : ICMP echo request

I can see the peer itXrReV... receiving the echo request but it's
coming from the first Address listed in the config and endpoint2 only
has 10.88/16 addresses in it's AllowedIPs.

Any insight into what's happening would be gratefully received, I've
tried asking a couple of times but not had any feedback, I suspect I
am fundamentally misunderstanding something here.

Regards and thanks.
WireGuard mailing list

             reply index

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-12-30 10:16 Michael Brookes [this message]
     [not found] ` <CAPWNY8VCYCUy7B_6D-WbPFcAYVopO9D97Ykp_35MdKQUk_Z26Q@mail.gmail.com>
2020-01-10 11:22   ` Michael Brookes

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CABfcST9Ovn7=2gmXhKYEmp4tA6w33KnV4f5KEXZtqz33nfVt3g@mail.gmail.com' \
    --to=mgsb81@gmail.com \
    --cc=wireguard@lists.zx2c4.com \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
	public-inbox-index wireguard

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone https://public-inbox.org/public-inbox.git