[WireGuard] Comments on wgserver.service
Bruno Wolff III
bruno at wolff.to
Wed Jul 6 17:19:11 CEST 2016
On Wed, Jul 06, 2016 at 16:33:02 +0200,
"Jason A. Donenfeld" <Jason at zx2c4.com> wrote:
>Thanks for your feedback on this. That's a good idea to call ip-link
>del first. I get that the - will make the error non-fatal, but will it
>also suppress writing the error message into journald?
I don't think so. I see 'Cannot find device "wg0"' that looks like it
comes from that command. It doesn't show up in systemctl status output
>Please feel free to make wgserver.service into a more robust unit file
>and send patches (git-send-email), or make a few different unit files
>show casing different types of configurations. I'm not a huge systemd
>guy, so I just sort of threw that together haphazardly. It'd be nice
>also to see this integrated into systemd-networkd and the .network
>units. Are you involved with upstream at all? Interested in taking
>this integration work on?
After I hear back about the systemd bug, I'll submit a simple change
Some of the other stuff seems situational and I'm not sure makes for
great examples. If I figure out a standard way to make sure dns is
available, I'll include something for that, since that would be
reasonable to do by default. But that is beyond my current systemd
I don't know systemd well at all. Based on your example and some reading,
I know significantly more today than I did yesterday morning. I do some
stuff for Fedora and once in a while I'll do a bisect to try to narrow
down a problem I'm having with a kernel on my hardware. I'm not a kernel
developer at all.
Wireguard caught my eye because of the timing. I was looking at trying to
set up an ipsec tunnel in preperation for having my work desktop switching
to a non-routable IP address. Working with wireguard looked easier than
trying to figure out ipsec, even with having to build wireguard from source.
Potentially I could get involved with packing wg on Fedora, but there isn't
much point until the kernel part is upstream.
More information about the WireGuard