WIreGuard on embedded devices and traffic shaping question.

Jason A. Donenfeld Jason at zx2c4.com
Sat Feb 11 10:20:08 CET 2017

Hey Joe,

Sorry for the late reply. There was a conference and then a small trip
after, and now I'm catching up on the backlog.

On Fri, Jan 27, 2017 at 12:05 PM,  <j0eblack at teknik.io> wrote:
> If anyone is interested in this set-up I can write a short guide how you can
> achieve that and other people can point if any mistakes were made during the
> setup.

I'd certainly be interested in some sort of blog write-up. The more
documentation and tutorials, the better, IMHO.

> Something that I want to do, and I was not able to find information about it
> in the mailing list or the docs on the website is, can bandwidth (traffic
> shaping) limits be applied between connected peers?

The traffic shaping with WireGuard is the same trafic shaping found in
the rest of the Linux kernel -- the qdisc and tc subsystem. I think
you can use the usual techniques there for applying shaping to the
entire interface or selectively to certain flows.

> I have done this in the past with open-vpn and tc (per IP address shaping)
> and I am really curious if this can be done inside WireGuard or not?

I believe it can be using exactly that idea.


More information about the WireGuard mailing list