WireGuard Archive on lore.kernel.org
 help / Atom feed
From: "Rene 'Renne' Bartsch, B.Sc. Informatics" <ml@bartschnet.de>
To: wireguard@lists.zx2c4.com
Subject: Re: RFC: wg syncpeers wg0 wireguard.conf
Date: Mon, 10 Jun 2019 14:34:26 +0200
Message-ID: <d8972aae-0ac5-7386-ddfe-ff0d899a107c@bartschnet.de> (raw)
In-Reply-To: <6BFBD58C-ACC2-45FD-9986-63CEA1143BA6@lonnie.abelbeck.com>

Hi Lonnie,

I agree. If a peer could push updated information of a remote peer (e.g. ip address, port) to all other peers it would be great, too.



Am 09.06.19 um 21:59 schrieb Lonnie Abelbeck:
> Hi List, Request For Comments:
> I would find it useful if "wg" would support a "syncpeers" subcommand.
> --
> Usage: wg syncpeers <interface> <configuration filename>
> --
> Available subcommands:
>    syncpeers: Synchronizes a configuration file of peers to a WireGuard interface
> --
> Given:
> - A user creates a wireguard.conf file.
> - Uses "wg setconf wg0 wireguard.conf" to apply the configuration.
> Request:
> - Later, a user edits a wireguard.conf file: adds peers, deletes peers, and/or edits peers.
> - Use "wg syncpeers wg0 wireguard.conf" to synchronize the configuration file of peers with the current state.
> - Synchronize changes with minimal impact, determine peer differences and leave unchanged settings alone.
> - Basically internally using "wg set wg0 ..." to make the minimum changes.
> - If the [Peer] Endpoint is a DNS hostname, the Endpoint will be resolved and IP updated.
> Note: Interestingly, "wg setconf wg0 wireguard.conf" *almost* performs as requested except for a 17 second interruption of the tunnel *if* PersistentKeepalive is 0.  Even if PersistentKeepalive is 3600, a "wg setconf wg0 wireguard.conf" will not effect an active tunnel except for resetting traffic counters.
> I understand a script could be created to perform this as well, but adding it to "wg" lowers the hurdle for many users.
> If the 17 second interruption of active tunnels while using "wg setconf wg0 wireguard.conf" could be eliminated, this request may be moot.
> Comments please.
> Lonnie
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
WireGuard mailing list

  reply index

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-06-09 19:59 Lonnie Abelbeck
2019-06-10 12:34 ` Rene 'Renne' Bartsch, B.Sc. Informatics [this message]
2019-06-11 17:28 ` Jason A. Donenfeld
2019-06-11 21:06   ` Lonnie Abelbeck
2019-06-11 21:41     ` Kalin KOZHUHAROV
2019-06-12  0:22   ` Steven Honson
2019-06-12  0:25     ` Marc Fawzi
2019-06-14 18:01       ` Jason A. Donenfeld
2019-06-16 19:43         ` Marc Fawzi
2019-06-13 23:15   ` Lonnie Abelbeck
2019-06-14 18:09   ` Jason A. Donenfeld
2019-06-14 20:48     ` Lonnie Abelbeck

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d8972aae-0ac5-7386-ddfe-ff0d899a107c@bartschnet.de \
    --to=ml@bartschnet.de \
    --cc=wireguard@lists.zx2c4.com \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard

Newsgroup available over NNTP:

AGPL code for this site: git clone https://public-inbox.org/ public-inbox