Multiple Endpoints

Jason A. Donenfeld Jason at zx2c4.com
Sat Jan 7 16:23:08 CET 2017


Hello,

Keep in mind that WireGuard's roaming property means that while the
two peers are communicating, they'll automatically be updating to each
other's latest IP addresses. One way to ensure that they _keep_
communicating is by using the PersistentKeepalive feature. This then
shifts the problem to "how do they start communicating", in which case
you can just use a little resolve,ping,resolve,ping loop on your
various dyndns services.

But, in case you want a different architecture, I'll directly answer
your questions:

- wg setconf/addconf/set can be run at any time, before or after the
link is up, and before or after peers are communicating. It returns
and succeeds immediately, leaving the actual negotiation to be done
whenever data needs to be sent.
- The same goes for `ip link up`, with the sole exception that `ip
link up` may fail if the UDP port is already in use by a different
program.
- The best way to determine if a wireguard link is up is if you can
send a ping through the tunnel.
- Your syntax doesn't make sense for endpoint setting. What you want
is: `wg set wg0 peer ABCDEFG... endpoint 1.2.3.4:1234`. So, yes, you
can individually set the endpoint of a peer.

Jason
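
The resolve,ping,resolve,ping loop mentioned in the message, written out as an added example (not part of the original message and not WireGuard project code). It only uses the `wg set <iface> peer <key> endpoint <ip>:<port>` form given above. The interface name, peer key, port, tunnel address and hostnames are placeholders, and glibc `getent` and iputils `ping` are assumed.

```shell
#!/bin/sh
# Added example: try several dyndns names for one peer until a ping
# gets through the tunnel. The peer is still authenticated by its public
# key, so a wrong or stale DNS answer only costs a failed attempt.

# Resolve a hostname to its first IPv4 address; prints nothing if it fails.
resolve_host() {
    getent ahostsv4 "$1" | awk 'NR == 1 { print $1 }'
}

# usage: try_endpoints IFACE PEER_PUBKEY PORT TUNNEL_IP HOST...
# Prints the hostname whose address worked; returns 1 if none did.
try_endpoints() {
    iface=$1 peer=$2 port=$3 tunnel_ip=$4
    shift 4
    for host in "$@"; do
        addr=$(resolve_host "$host")
        [ -n "$addr" ] || continue          # name did not resolve
        # Returns immediately; the handshake happens when data is sent.
        wg set "$iface" peer "$peer" endpoint "$addr:$port" || continue
        # The ping is both the handshake trigger and the "link is up" test.
        if ping -c 2 -W 2 "$tunnel_ip" >/dev/null 2>&1; then
            echo "$host"
            return 0
        fi
    done
    return 1
}

# When called with arguments, keep cycling through the names until one works:
#   ./endpoints.sh wg0 <peer-public-key> 51820 10.0.0.1 \
#       home.dyndns.example.invalid backup.dyndns.example.invalid
if [ "$#" -ge 5 ]; then
    until try_endpoints "$@"; do
        sleep 10
    done
fi
```

Once a ping succeeds, roaming and PersistentKeepalive take over as described above, so the loop only has to solve the initial contact.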

