crypto routing with subnets?

Bruno Wolff III bruno at wolff.to
Fri Oct 20 20:06:03 CEST 2017


On Fri, Oct 20, 2017 at 20:02:43 +0200,
  "Jason A. Donenfeld" <Jason at zx2c4.com> wrote:
>Hi Bruno,
>
>Fortunately the inquiries of this email are things that you could
>figure out simply by trying, so if you want to learn-by-doing, you can
>stop reading here and finish reading afterward.

I'm doing that too. Though I can't test the full setup right now as I 
can't safely change the router firmware until I get home.

>
>Here are the solutions:
>
>1. A peer is its public key, which means you can't have two different
>peers with the same key, since they'd be the same peer. In essence
>you're asking for a==a&&a!=a, which is always false.

I mostly wanted to make sure I had a correct mental model for how this 
worked. It seemed like it had to be that way.

>2. Traffic will always go to the most specific route, which means the
>/32 will take precedence over the /16.

For this one, I was a bit worried that it might work sometimes, but have 
problems later, as I couldn't find an explicit answer in the documentation 
(I might have missed it) saying it worked like normal network routing. The 
examples I saw were all disjoint networks.

Thank you for the clarifications.
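
The two answers in the thread, as an added example that is not part of the original messages and not WireGuard's own code: a simplified Python model of one interface's AllowedIPs table, where a peer is identified only by its public key and lookups pick the most specific prefix. The key strings and the 10.10.x.x addresses are constructed placeholders, and the inbound check reflects WireGuard's documented behaviour of applying the same table to the source address of decrypted packets.

```python
import ipaddress

# Constructed placeholders, not real keys.
PEER_A = "PEER_A_PUBLIC_KEY_PLACEHOLDER"
PEER_B = "PEER_B_PUBLIC_KEY_PLACEHOLDER"


class CryptokeyTable:
    """Simplified model of one interface's AllowedIPs table."""

    def __init__(self):
        self._routes = {}  # ip_network -> owning peer's public key

    def set_allowed_ips(self, public_key, cidrs):
        # A peer *is* its public key: setting the same key again replaces
        # that peer's prefixes instead of creating a second peer.
        self._routes = {n: k for n, k in self._routes.items() if k != public_key}
        for cidr in cidrs:
            self._routes[ipaddress.ip_network(cidr)] = public_key

    def peers(self):
        return set(self._routes.values())

    def lookup(self, address):
        """Return the key owning the longest matching prefix, or None."""
        addr = ipaddress.ip_address(address)
        matches = [n for n in self._routes
                   if n.version == addr.version and addr in n]
        if not matches:
            return None
        return self._routes[max(matches, key=lambda n: n.prefixlen)]

    def accepts_inbound(self, public_key, source):
        # Receive direction: a decrypted packet is kept only if its source
        # address maps back to the peer that sent it.
        return self.lookup(source) == public_key


def demo_table():
    table = CryptokeyTable()
    table.set_allowed_ips(PEER_A, ["10.10.0.0/16"])   # the subnet
    table.set_allowed_ips(PEER_B, ["10.10.3.7/32"])   # one host inside it
    return table


if __name__ == "__main__":
    t = demo_table()
    for ip in ("10.10.3.7", "10.10.3.8", "192.0.2.1"):
        print(ip, "->", t.lookup(ip))
    print("A may send as 10.10.3.7:", t.accepts_inbound(PEER_A, "10.10.3.7"))
```

Carving a /32 out of another peer's /16 therefore also changes which peer is allowed to use that address as a source, not only where outbound traffic for it is sent.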

