Another allowed-ips question
Jason A. Donenfeld
Jason at zx2c4.com
Thu Nov 23 00:51:35 CET 2017
Hi Ryan,
Sorry for the delayed response. The high volume and churn of
development recently has gotten me a bit behind on the mail queue and
rather confused.
You wrote:
> what i'm struggling with is if they are unable to communicate directly and build routes to one another via an intermediary router (which is also connected to each 'client' via wireguard).
If I understood you correctly, you're looking at this situation: Peer
A connects to Peer S. Peer B connects to Peer S. A wants to talk to B,
through S. In this case, the allowed-ips of S on A lists B's internal
IP, and the allowed-ips of S on B lists A's internal IP address. In
other words, you have A/B state that "I trust S to send me the traffic
of B/A."
Does this answer your question?
Regards,
Jason
More information about the WireGuard
mailing list