Multihomed server issue

Jason A. Donenfeld Jason at zx2c4.com
Thu Aug 3 14:59:10 CEST 2017


Hi Wang,

I understand your inquiry and I see what you're trying to accomplish
with your use of ip rule and fwmark. However, *WireGuard already does
this automatically*. We _do_ support reply-to-sender. We _do_
supported multihomed servers. You wrote, "But I do wish that server
can deduce public address which the client connects to, and use the
public address to response to the client, then the configuration will
be simple and straightforward." WireGuard _does_ do this.

To demonstrate that, I've added a more explicit test of this to the test suite:
https://git.zx2c4.com/WireGuard/commit/?id=bf44c07a805a5e40408059ac60dfc526196a3797

If this is not working for you, then you're either doing something
wrong, or you've uncovered a bug in either WireGuard or the kernel. In
case it's the latter, would you send me a patch for netns.sh that
demonstrated the problem in a clear way?

Thanks,
Jason


More information about the WireGuard mailing list