Re[4]: problem wireguard + ospf + unconnected tunnels

ae aeforeve at mail.ru
Mon Jul 10 19:26:36 CEST 2017




>Понедельник, 10 июля 2017, 22:09 +05:00 от "Jason A. Donenfeld" <Jason at zx2c4.com>:
>
>On Mon, Jul 10, 2017 at 7:06 PM, ae < aeforeve at mail.ru > wrote:
>> yes - work
>Great to hear! This will be a part of the next snapshot.
>
>> + Pair of missing functionality - which I lacked when replacing with wireguard
>>
>> 1) src addr tunnel
>What is this? Can you elaborate on what you mean?

src address tunnel
Not only src port
But also with an address from which the tunnel packets are sent
At a multichromed server - it is possible but inconvenient to operate from where the packets will be sent via the ip mark


>
>> 2) work in only preshared crypto
>WireGuard has a preshared-key mode, but it's in addition to the normal
>EC-based crypto, not instead of. Welcome to the future!

Routing through crypto keys - maybe well - but with dynamic routing - not working at all
Go through to create a crowd of point-point tunnels - and have 2 keys to use


And the question is: how productive will it work when point multipoint, provided that multipoint ~ 10000? And 10,000 + 1 key

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20170710/fe874cec/attachment.html>


More information about the WireGuard mailing list