[WireGuard] Dual stack?

Jörg Thalheim joerg at higgsboson.tk
Thu Dec 29 10:22:34 CET 2016

On 2016-12-28 14:19, Maykel Moya wrote:
> Chiming in just to tell that my ip6 experience is a breeze since
> wireguard appeared.
> Right now I found myself advocating WG more as a simple-to-configure and
> reliable-roaming ip6 tunnelling technology than a VPN itself.
> I've previously used HE (with a handcrafted mechanism to update my
> public ip4 endpoint whenever it changed) or SiXXs with a new daemon
> running in my system.
> With WG it's just setup and forget. Roaming is *reliable*, subjective
> performance is impressive (you've done the measures, I just browse and
> use services from the v6 internet without hassle).
> IMHO ip6 tunnelling is a(nother) good selling point of WG.
> Cheers,
> maykel
> ________

On the other hand switching between dual-stack/ipv4 only networks/ipv6 only networks
is problematic at the moment with the tools we have for roaming clients,
because wireguard only supports one endpoint of one address family at the time.
This might be partially fixable in future by observing the availability of default routes
in userspace (switch address family if it become unavailable). However the optimal
solution would be something like the happy eyeballs protocol (https://tools.ietf.org/html/rfc6555),
which is implemented in modern browser -
only because somebody got a v6/v4 default route does not mean it is also route able.
I don't know how the latter one would fit into the stateless concept of wireguard.
I currently help myself by using an dedicated routing protocoll.

More information about the WireGuard mailing list