wireguard.lists.zx2c4.com archive mirror
 help / color / mirror / Atom feed
* Server with multiple peers
@ 2019-03-30  0:45 Indro Fedrigo
  2019-04-05 15:30 ` Aaron Jones
  0 siblings, 1 reply; 3+ messages in thread
From: Indro Fedrigo @ 2019-03-30  0:45 UTC (permalink / raw)
  To: wireguard


[-- Attachment #1.1: Type: text/plain, Size: 1918 bytes --]

Hi Jason,
I'm trying to create a server with multiple peers form a wgx.conf file :
[Interface]
PrivateKey = QKet8noQBbM14ipbUOzw28yoFikAze4uM55xY+uFVWg=
ListenPort = 10300

[Peer]
PublicKey = 9YI43pxPeCvs3twJdBs5cQyH6N7qkQuTv4LcMslxYT0=
Endpoint = 10.0.10.100:10200
AllowedIPs = 192.168.0.0/16
PersistentKeepalive = 25

[Peer]
PublicKey = sQfagzCndbDxclqBJpla1Yk9p23tJKI/UWmjn8xfhz0=AllowedIPs
Endpoint = 10.0.10.101:10200
AllowedIPs = 192.168.0.0/16
PersistentKeepalive = 25

[Peer]
PublicKey = r5CcRqfp+HQrHNAGr26S8VZpT1FBlJIR7k47J2lV/XY=
Endpoint = 10.0.10.102:10200
AllowedIPs = 192.168.0.0/16
PersistentKeepalive = 25

[Peer]
PublicKey = uLUB9pcIx7cfr2Xc5O9WeVuDfIKAgm0SHRGpmSftqRQ=
Endpoint = 10.0.10.103:10200
AllowedIPs = 192.168.0.0/16
PersistentKeepalive = 25

but doing :
# wg setconf wgx /etc/wireguard/wgx.conf
ip link set up dev wgx
and
# wg
this is what I get

interface: wgx
  public key: Gd+9z9ubyeuQHl1ijoBLaz1IKRZ67qriWeQnDkIBWFU=
  private key: (hidden)
  listening port: 10300

peer: 9YI43pxPeCvs3twJdBs5cQyH6N7qkQuTv4LcMslxYT0=
  endpoint: 10.0.10.100:10200
  allowed ips: (none)
  latest handshake: 49 seconds ago
  transfer: 308 B received, 924 B sent
  persistent keepalive: every 25 seconds

peer: sQfagzCndbDxclqBJpla1Yk9p23tJKI/UWmjn8xfhz0=
  endpoint: 10.0.10.101:10200
  allowed ips: (none)
  transfer: 0 B received, 7.80 KiB sent
  persistent keepalive: every 25 seconds

peer: r5CcRqfp+HQrHNAGr26S8VZpT1FBlJIR7k47J2lV/XY=
  endpoint: 10.0.10.102:10200
  allowed ips: (none)
  transfer: 0 B received, 7.80 KiB sent
  persistent keepalive: every 25 seconds

peer: uLUB9pcIx7cfr2Xc5O9WeVuDfIKAgm0SHRGpmSftqRQ=
  endpoint: 10.0.10.103:10200
  allowed ips: 192.168.0.0/16
  transfer: 0 B received, 7.80 KiB sent
  persistent keepalive: every 25 seconds


the parameter AllowedIPs seems to get set only for the last peer...
Any idea ?

Thanks for this great piece of software!

Indro Fedrigo

[-- Attachment #1.2: Type: text/html, Size: 2926 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: Server with multiple peers
  2019-03-30  0:45 Server with multiple peers Indro Fedrigo
@ 2019-04-05 15:30 ` Aaron Jones
  2019-04-05 18:47   ` Varun Priolkar
  0 siblings, 1 reply; 3+ messages in thread
From: Aaron Jones @ 2019-04-05 15:30 UTC (permalink / raw)
  To: wireguard

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 30/03/2019 00:45, Indro Fedrigo wrote:
> Hi Jason, I'm trying to create a server with multiple peers form a
> wgx.conf file : the parameter AllowedIPs seems to get set only for
> the last peer... Any idea ? Thanks for this great piece of
> software! Indro Fedrigo

You cannot duplicate AllowedIPs. It forms WireGuard's internal routing
table. You're essentially asking for "If we have traffic to
192.168/16, send it to peer A, and also to peer B, and also to peer C,
and also to peer D".

That doesn't work.

- -- 
Aaron Jones

-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCgAdFiEEYKVBwe43zZh/jkxPivBzdIirMBIFAlyndKEACgkQivBzdIir
MBLnIRAAp3UURDFtevTlWUSwgKiVyzN9eT6MGtHi1owDOSVafWPoHJ+pM2PGkPj9
v2aJsgeJK6cIC6j23F8G0ombgGsVaNFTVjeOLNThzgkv2DXJhgWjDu1iuyUmlAI6
ZSuZ9ccd+OPa3YMGX9apGTeulvVjYGs06yJ5xpgCsqIMhCnj/XOS9HoWrGDWHqOA
3AZJK9/i3jIXQHYPSCpdXrppNCw8APQWgNuB1aDPdBMcw8bgARiJzWDF7Q2xBPxx
SXS2PnFp9oG3+CNqGpEKnurUfx6QSGDPVps6a33HGpdTTAfyZw1Ha8ZSQgb3Yzt0
U1JWxhLAF+o9ubkK0n9Q0jaunrDfDbbuPmvNF3ZAAkKmITsXPSieT0WB6kXk7l0K
HZbyEexGLwrCTbLhublIazxQZsJe+ftz8liOrQr3/arGKS1NYItRV0nRKKVSR5Xx
CsUV4Ngz2Wm+gFaET4QmEJJCARY+LNV+Ntrm+R+s+5vgGK1AJ4iRfR2vYt9dotje
NiyHqF3FTFpqNK/tZ4CXgROniAmqJs5R4MRRqE5cgEsX8te5iDeCbtZPaAQepECj
+tWhd10//pjr0G5PajPD8bzIWU2cgHT6JkqwA4l/ibR5EaJm7LQvS0ppUVzS6poy
bbY0YILEtPSkDioZhxkZ3GTR2rAmE5lcGdW054CYDEdhfx9bYGo=
=6Gmi
-----END PGP SIGNATURE-----
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: Server with multiple peers
  2019-04-05 15:30 ` Aaron Jones
@ 2019-04-05 18:47   ` Varun Priolkar
  0 siblings, 0 replies; 3+ messages in thread
From: Varun Priolkar @ 2019-04-05 18:47 UTC (permalink / raw)
  To: Aaron Jones; +Cc: wireguard

If you really want to do something like this(I'm not sure why), don't
add the route via Wireguard. You can instead use iBGP multipath or
ECMP to do this.

On Fri, Apr 5, 2019 at 9:01 PM Aaron Jones <aaronmdjones@gmail.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 30/03/2019 00:45, Indro Fedrigo wrote:
> > Hi Jason, I'm trying to create a server with multiple peers form a
> > wgx.conf file : the parameter AllowedIPs seems to get set only for
> > the last peer... Any idea ? Thanks for this great piece of
> > software! Indro Fedrigo
>
> You cannot duplicate AllowedIPs. It forms WireGuard's internal routing
> table. You're essentially asking for "If we have traffic to
> 192.168/16, send it to peer A, and also to peer B, and also to peer C,
> and also to peer D".
>
> That doesn't work.
>
> - --
> Aaron Jones
>
> -----BEGIN PGP SIGNATURE-----
> Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
>
> iQIzBAEBCgAdFiEEYKVBwe43zZh/jkxPivBzdIirMBIFAlyndKEACgkQivBzdIir
> MBLnIRAAp3UURDFtevTlWUSwgKiVyzN9eT6MGtHi1owDOSVafWPoHJ+pM2PGkPj9
> v2aJsgeJK6cIC6j23F8G0ombgGsVaNFTVjeOLNThzgkv2DXJhgWjDu1iuyUmlAI6
> ZSuZ9ccd+OPa3YMGX9apGTeulvVjYGs06yJ5xpgCsqIMhCnj/XOS9HoWrGDWHqOA
> 3AZJK9/i3jIXQHYPSCpdXrppNCw8APQWgNuB1aDPdBMcw8bgARiJzWDF7Q2xBPxx
> SXS2PnFp9oG3+CNqGpEKnurUfx6QSGDPVps6a33HGpdTTAfyZw1Ha8ZSQgb3Yzt0
> U1JWxhLAF+o9ubkK0n9Q0jaunrDfDbbuPmvNF3ZAAkKmITsXPSieT0WB6kXk7l0K
> HZbyEexGLwrCTbLhublIazxQZsJe+ftz8liOrQr3/arGKS1NYItRV0nRKKVSR5Xx
> CsUV4Ngz2Wm+gFaET4QmEJJCARY+LNV+Ntrm+R+s+5vgGK1AJ4iRfR2vYt9dotje
> NiyHqF3FTFpqNK/tZ4CXgROniAmqJs5R4MRRqE5cgEsX8te5iDeCbtZPaAQepECj
> +tWhd10//pjr0G5PajPD8bzIWU2cgHT6JkqwA4l/ibR5EaJm7LQvS0ppUVzS6poy
> bbY0YILEtPSkDioZhxkZ3GTR2rAmE5lcGdW054CYDEdhfx9bYGo=
> =6Gmi
> -----END PGP SIGNATURE-----
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard



-- 
Regards,

Varun Priolkar
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2019-04-06 11:54 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-30  0:45 Server with multiple peers Indro Fedrigo
2019-04-05 15:30 ` Aaron Jones
2019-04-05 18:47   ` Varun Priolkar

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).