[WireGuard] WireGuard cryptokey routing
Norman Shulman
norman.shulman at n-dimension.com
Tue Jul 5 20:05:56 CEST 2016
Hi Jason,
Makes sense, but what if both clients have the same address (
192.168.32.19/32)?
Norm
On Tue, Jul 5, 2016 at 12:30 PM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> Hi Norm,
>
> If you run these commands:
>
> wg set wg0 peer ABCD allowed-ips 192.168.32.19/32
> wg set wg0 peer EFGH allowed-ips 192.168.32.19/32
>
> After the first command ABCD has 192.168.32.19/32. After the second
> command, ABCD has no allowed ips, and EFGH has 192.168.32.19/32.
>
> However, if you run these commands:
>
> wg set wg0 peer ABCD allowed-ips 192.168.32.0/24
> wg set wg0 peer EFGH allowed-ips 192.168.32.19/32
>
> After running both commands, ABCD will have 192.168.32.0/24 and EFGH
> will have 192.168.32.19/32. However, when sending packets, the routing
> table lookups will always match on the most specific match, so ABCD
> will not be able to send or receive packets for 192.168.32.19/32.
>
> Make sense?
>
> Jason
>
--
Norman Shulman
Sr. Developer/Architect
N-Dimension Solutions Inc.
9030 Leslie St, Unit 300
Richmond Hill, ON L4B 1G2
Canada
Tel: 905 707-8884 x 226
Fax: 905 707-0886
This email and any files transmitted with it are solely intended for the
use of the named recipient(s) and may contain information that is
privileged and confidential. If you receive this email in error, please
immediately notify the sender and delete this message in all its forms.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20160705/fcda8c38/attachment.html>
More information about the WireGuard
mailing list