Wireguard in OpenVZ with NETIF_F_VIRTUAL feature
Benedikt Braunger
b.braunger at syseleven.de
Tue Jul 9 10:30:44 CEST 2019
Hello Wireguards,
I've been testing wireguard with OpenVZ/Virtuozzo containers [1] which
is based on CentOS and figured out that it is not possible to create a
wireguard net interface within a container. However it is possible to
create it on the host machine and then move it to the containers network
namespace.
I contacted the Virtuozzo Support about this behaviour and they figured
out the reason and released a workaround with a wireguard patch [2]
I have two requests now
* can someone explain me why the `NETIF_F_VIRTUAL` feature is missing in
[3]? Is this somehow purpose?
* if not, would anything object to merge a patch like this to Wireguard?
Thanks in advance!
Beni
[1] https://de.wikipedia.org/wiki/OpenVZ
[2] https://wiki.openvz.org/VPN_using_Wireguard
[3] https://github.com/WireGuard/WireGuard/blob/master/src/device.c
More information about the WireGuard
mailing list