[feature request] To support "Wireguard over raw TCP"

KeXianbin(http://diyism.com) kexianbin at diyism.com
Mon Sep 17 04:54:52 CEST 2018


Currently, I'm using udp2raw-tunnel to transform wireguard udp traffic into
raw tcp (config files as follows),
It's very stable on my home network than using wireguard alone,
But if we can integrate RAW TCP feature into wireguard, it would
significantly improve performance and stability for end users.


from:
https://gist.github.com/diyism/1b80903a83776675031c73ae499438d8#file-wireguard_config-txt-L145

$wget
https://github.com/wangyu-/udp2raw-tunnel/releases/download/20180830.2/udp2raw_binaries.tar.gz
$tar xzvf udp2raw_binaries.tar.gz
$sudo cp udp2raw_amd64 /usr/bin/
$sudo udp2raw_amd64 -c -l127.0.0.2:24448 -r<server ip>:24447 -a
$cat /etc/wireguard/wg0.conf
[Interface]
PrivateKey = <client privkey>
Address = 10.0.0.3/32
ListenPort = 24447
MTU = 1300
PostUp = ip route add 10.0.0.0/24 dev wg0 && wg set wg0 peer <server
pubkey> allowed-ips 0.0.0.0/0
PostDown = ip route del 10.0.0.0/24

[Peer]
#10.0.0.1
PublicKey = <server pubkey>
Endpoint = 127.0.0.2:24448
#AllowedIPs = 0.0.0.0/0

$sudo wg-quick down wg0 ; sudo wg-quick up wg0
$ping 10.0.0.1
64 bytes from 10.0.0.1: icmp_seq=2113 ttl=64 time=183 ms
$sudo ip route add 104.24.0.0/16 dev wg0
$ping myip.ipip.net
PING myip.ipip.net (104.24.20.50) 56(84) bytes of data.
64 bytes from 104.24.20.50 (104.24.20.50): icmp_seq=1 ttl=60 time=185 ms
$curl http://myip.ipip.net
IP:<server ip>

#take care, "MTU = 1300" in wg0.conf is needed when wireguard over udp2raw,
or else most https requests will be blocked because of mtu problem.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20180917/7e26e098/attachment-0001.html>


More information about the WireGuard mailing list