Another allowed-ips question

Jason A. Donenfeld Jason at
Thu Nov 23 00:51:35 CET 2017

Hi Ryan,

Sorry for the delayed response. The high volume and churn of
development recently has gotten me a bit behind on the mail queue and
rather confused.

You wrote:
>  what i'm struggling with is if they are unable to communicate directly and build routes to one another via an intermediary router (which is also connected to each 'client' via wireguard).

If I understood you correctly, you're looking at this situation: Peer
A connects to Peer S. Peer B connects to Peer S. A wants to talk to B,
through S. In this case, the allowed-ips of S on A lists B's internal
IP, and the allowed-ips of S on B lists A's internal IP address. In
other words, you have A/B state that "I trust S to send me the traffic
of B/A."

Does this answer your question?


More information about the WireGuard mailing list