Wireguard and VRFs?
Maximilian Wilhelm
max at sdn.clinic
Fri Sep 15 02:52:55 CEST 2017
Hi folks,
I just stumbled across wireguard and really like it!
While reading the docs and seeing the notes on network name spaces I
started wondering if there's any support for Linux VRFs? [0]
What I'd like to do is builing a VPN tunnel using VRF "external" and
terminate the tunnel within the main VRF. For OpenVPN this required a
patch [65] for the setsockopt() but then works fine. Is something like
this already possible with Wireguard?
And if not would you be open to adding it or merging a patch for it?
I didn't look through the code yet, but I would suggest an option for the
tun interface which will then trigger a setsockopt() call. Like a
parameter for iproute for type wireguard interfaces.
Thanks a lot!
Best
Max
[0] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/networking/vrf.txt
[65] https://github.com/OpenVPN/openvpn/pull/65
--
"I have to admit I've always suspected that MTBWTF would be a more useful
metric of real-world performance."
-- Valdis Kletnieks on NANOG
More information about the WireGuard
mailing list