Wireguard + anycast
dcow at eero.com
Fri Jan 4 04:17:10 CET 2019
If Wireguard let you configure a list of allowed keys for a peer (instead
of a single key) that would be a logical solution without much extra
complexity at all I imagine.
On Thu, Jan 3, 2019 at 2:39 PM Edward Vielmetti <edward.vielmetti at gmail.com>
> A little thought experiment which I haven't tried yet.
> Using anycast, a single IP address can be routed to multiple machines in a
> data center or around the world.
> Is it at all possible that anycast and Wireguard would play together
> nicely? In particular, is it plausible that you could give a client an
> anycast address of a server to use as its endpoint, and that when it picked
> the correct / closest one that it would do the right thing?
> The naive approach would be to have all of the anycast devices share the
> same private/public key pair, but that has a bad smell. And I don't know
> what would happen if your routing changed in mid-connection.
> (anycast is the technology used to give name servers a single global
> address, like Google's 188.8.131.52 DNS)
> Edward Vielmetti +1 734 330 2465
> edward.vielmetti at gmail.com
> WireGuard mailing list
> WireGuard at lists.zx2c4.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the WireGuard