Multiple Endpoints

Jason A. Donenfeld Jason at zx2c4.com
Sun Jan 8 23:18:01 CET 2017


On Sun, Jan 8, 2017 at 3:12 PM, Baptiste Jonglez
<baptiste at bitsofnetworks.org> wrote:
> I am also interested in multiple endpoints support, and I am preparing a
> proposal that I will send soon.

Cool. Any details? Probably best to discuss it casually before putting
too much work into it.
Have you read that Mosh multipath paper? I just ran into this the
other night and put it on my reading list. If so, is it any good or
relevant to this?

> So, if a client is connected to the server and the server changes its IP
> address, the client will keep trying to use the old IP address forever.

No. If the server sends a packet to the client using the same UDP
src/dst, then it will make it to the client, and the client will learn
the new server IP.

> You would need to destroy the wireguard interface on the client and
> recreate it, so that `wg` configures the kernel module with the new IP
> address associated with the hostname.

No. And even in the worst possible case, no destruction of the wg
interface would be necessary. wg(8) can reconfigure all attributes on
the fly.

> You're right, in your case, you would need to set up port forwarding on
> your client, so that wireguard on your client device can be reached from
> any IP address.

No. In the vast majority of cases I've seen, both stateful firewalls
and NAT do not do the mapping based on the remote IP.

