TCP traffic in ipip tunnel inside wireguard connection
Jason A. Donenfeld
Jason at zx2c4.com
Mon May 29 23:02:16 CEST 2017
Hi Ivan,
I'll try to reproduce in order to determine whether or not there's a
checksum bug with nested tunnels. However, all of this seems quite
unnecessary:
Just set allowed-ips to be your /30 for each peer. If you need one to
be 0.0.0.0/0 at one time or another, you can change these at runtime.
Alternatively, if you _must_ have multiple 0.0.0.0/0 just use two
different wireguard interfaces running on different UDP ports, and
then you'll have the full power of the ordinary linux routing table
for this sort of craziness.
Jason
More information about the WireGuard
mailing list