multi-home difficulty
d tbsky
tbskyd at gmail.com
Fri Dec 1 08:44:22 CET 2017
2017-11-29 22:49 GMT+08:00 Jason A. Donenfeld <Jason at zx2c4.com>:
> On Wed, Nov 29, 2017 at 3:16 PM, d tbsky <tbskyd at gmail.com> wrote:
>> sorry I misunderstand you. you mean I modify the script and run
>> in my environment to reveal the problem?
>> ok I will try to do it.
>
> Take what I sent you. Run it. If it breaks, send me the output and
> your kernel. If it doesn't break, mess with it until it breaks, and
> then send it back to me.
Hi jason:
during test in netns environment, I saw something that I never
saw at real world. the steps below:
1. client try connect to multi-home-server.
2. wait for conntrack session timeout both for client and server.
3. server try connect to client. server will use source ip at step1 to connect.
it means at step1, wireguard not only remember client's ip address,
but also remember self source ip address. even though the source
address didn't show at "wg wg0" user interface.
is the assumption true? I didn't see this behavior in real world.
Regards,
tbskyd
More information about the WireGuard
mailing list