RFC: wg syncpeers wg0 wireguard.conf
Rene 'Renne' Bartsch, B.Sc. Informatics
ml at bartschnet.de
Mon Jun 10 14:34:26 CEST 2019
Hi Lonnie,
I agree. If a peer could push updated information of a remote peer (e.g. ip address, port) to all other peers it would be great, too.
Regards,
Renne
Am 09.06.19 um 21:59 schrieb Lonnie Abelbeck:
> Hi List, Request For Comments:
>
> I would find it useful if "wg" would support a "syncpeers" subcommand.
> --
> Usage: wg syncpeers <interface> <configuration filename>
> --
> Available subcommands:
> syncpeers: Synchronizes a configuration file of peers to a WireGuard interface
> --
>
> Given:
> - A user creates a wireguard.conf file.
>
> - Uses "wg setconf wg0 wireguard.conf" to apply the configuration.
>
> Request:
> - Later, a user edits a wireguard.conf file: adds peers, deletes peers, and/or edits peers.
>
> - Use "wg syncpeers wg0 wireguard.conf" to synchronize the configuration file of peers with the current state.
>
> - Synchronize changes with minimal impact, determine peer differences and leave unchanged settings alone.
>
> - Basically internally using "wg set wg0 ..." to make the minimum changes.
>
> - If the [Peer] Endpoint is a DNS hostname, the Endpoint will be resolved and IP updated.
>
> Note: Interestingly, "wg setconf wg0 wireguard.conf" *almost* performs as requested except for a 17 second interruption of the tunnel *if* PersistentKeepalive is 0. Even if PersistentKeepalive is 3600, a "wg setconf wg0 wireguard.conf" will not effect an active tunnel except for resetting traffic counters.
>
> I understand a script could be created to perform this as well, but adding it to "wg" lowers the hurdle for many users.
>
> If the 17 second interruption of active tunnels while using "wg setconf wg0 wireguard.conf" could be eliminated, this request may be moot.
>
> Comments please.
>
> Lonnie
>
> _______________________________________________
> WireGuard mailing list
> WireGuard at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
More information about the WireGuard
mailing list