Re: problem wireguard + ospf + unconnected tunnels
aeforeve at mail.ru
Mon Jul 10 19:26:36 CEST 2017
>Понедельник, 10 июля 2017, 22:09 +05:00 от "Jason A. Donenfeld" <Jason at zx2c4.com>:
>On Mon, Jul 10, 2017 at 7:06 PM, ae < aeforeve at mail.ru > wrote:
>> yes - work
>Great to hear! This will be a part of the next snapshot.
>> + Pair of missing functionality - which I lacked when replacing with wireguard
>> 1) src addr tunnel
>What is this? Can you elaborate on what you mean?
src address tunnel
Not only src port
But also with an address from which the tunnel packets are sent
At a multichromed server - it is possible but inconvenient to operate from where the packets will be sent via the ip mark
>> 2) work in only preshared crypto
>WireGuard has a preshared-key mode, but it's in addition to the normal
>EC-based crypto, not instead of. Welcome to the future!
Routing through crypto keys - maybe well - but with dynamic routing - not working at all
Go through to create a crowd of point-point tunnels - and have 2 keys to use
And the question is: how productive will it work when point multipoint, provided that multipoint ~ 10000? And 10,000 + 1 key
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the WireGuard