Multiple Endpoints
Jason A. Donenfeld
Jason at zx2c4.com
Sun Jan 15 11:01:19 CET 2017
Hey Em,
Circling back to this thread, indeed Baptiste was right. While the
existing situation will likely work fine with NAT, it won't work as
nicely with a strict stateful firewall, when the server IP is dynamic
and changing. So, there's some headway to be made with Baptiste's
multi-endpoint idea. But in the interim, it seems likely the best
mechanism to use would be some userspace solution to check
periodically if the dynamic IP has changed, and to update the
wireguard device accordingly. Hopefully I'll implement some kind of
userspace notification logic so this can be more fine grained than a
cronjob. I'll let you know how this progresses.
Jason
More information about the WireGuard
mailing list