[WireGuard] Allowing out-of-band communication with peers

Guus Sliepen guus at tinc-vpn.org
Thu Jun 30 18:32:26 CEST 2016


Hello,

Wireguard looks very interesting! I'm the author of tinc, another VPN
project. With wireguard, even if you have a single interface to connect
to multiple peers, you still end up managing which peers to connect to.
If you want to set up a mesh VPN with a large number of nodes, this can
become problematic. With tinc, you normally configure only connections
to a small number of nodes, and let it discover the rest of the VPN
automatically.

I believe it should be possible to have a userspace daemon manage a
wireguard interface. However, for discovering other nodes this daemon
would need to exchange information with peers. It would be very useful
if there was a designated packet type for this (0x5?), and that the
netlink interface could be used to receive and send these packets from
userspace, as well as some way to get notified of peers (dis)connecting.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20160630/8de5b03f/attachment.asc>


More information about the WireGuard mailing list