[RFC] Handling multiple endpoints for a single peer

Dan Lüdtke mail at danrl.com
Mon Jan 16 16:01:55 CET 2017


> On 8 Jan 2017, at 23:49, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> (send an encrypted out of band non-IP packet
> directly to a peer, for things like autoconfig) could play a nice role
> in this.

This is highly interesting! I should undust my gcc probably.

> One thing that comes to mind is how to detect when the local LAN peer
> comes back online there. Should wireguard just be trying to initiate a
> new handshake _always_, and eventually it will succeed and promote the
> cryptokey routing table entry to "active"?

Something like RetryTimeout=X comes to mind. And it immediately raises the question of how it is different from PersistentKeepalive. The latter one is sometimes misused to achieve exactly this.

The concrete problem Samuel described is one that could be solved by scoped addressing. This may be too theoretical for the actual scenario and circumstances.



