How to work around the fact that a Wireguard Server is a single point of failure

Garbage at gmx.de
Sun Apr 28 00:09:53 CEST 2019


If I understood the architecture of WireGuard correctly, the server is a single point of failure: when the server goes down, no client will be able to communicate with another client.

I'm looking for a way to connect one or two handfuls of low-resource VPSes from different providers, and WireGuard seems to be _the_ solution when it comes to ease of setup and performance. Looking for credible sources, I only found this post: https://lists.zx2c4.com/pipermail/wireguard/2019-January/003788.html

Is there some documentation that describes how to set up a "high availability" or "hot standby" configuration? The VPSes will run Kubernetes, and because I do not want to spend extra bucks for a load balancer service, I decided that a DNS failover will suffice for my Kubernetes masters. So a comparable quality of service / duration of service interruption would be just fine for the WireGuard service too.

Will a DNS-based failover work for WireGuard servers? Or am I bound to a solution that uses a static IP (that of a "real" load balancer) and switches to the standby WireGuard server in case the first goes down?

