Allowed IPs Toggling
Samuel Holland
samuel at sholland.org
Thu Mar 15 16:56:56 CET 2018
Hello,
On 03/15/18 10:31, Gianluca Gabrielli wrote:
> I was setting two peers on the server, but every time I re-add one of these
> two the other one is shown with (none) on "allowed ips" field. Of course that
> blocks communications with that peer. If I try to re-add it, then the other
> peer loses its configuration, same problem.
Allowed IPs is like a routing table; you can't have two routes for the same set
of IPs, or WireGuard doesn't know which peer to send the traffic to. You want to
have non-overlapping Allowed IP ranges. This usually means that the range of
Allowed IPs is smaller than the host's subnet. For example:
Host A:
IP configuration for WireGuard interface: 192.168.123.1/24
Allowed IPs for Host B: 192.168.123.2/32
Host B:
IP configuration for WireGuard interface: 192.168.123.2/24
Allowed IPs for Host A: 192.168.123.1/32
The IP configuration tells the kernel which IP ranges are accessible via the
WireGuard interface. The Allowed IPs tell WireGuard, which _subset_ of those IPs
is associated with each peer.
> Cheers,
> Gianluca
Cheers,
Samuel
More information about the WireGuard
mailing list