RFC: wg syncpeers wg0 wireguard.conf

Lonnie Abelbeck lists at lonnie.abelbeck.com
Fri Jun 14 01:15:40 CEST 2019


> On Jun 11, 2019, at 12:28 PM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> 
> I gave it a stab in this branch:
> https://git.zx2c4.com/WireGuard/commit/?h=jd/syncconf Try it out and
> let me know if it does what you had in mind?

More testing, "syncconf" is working great.

A real-world example, connecting over WG to a remote instance, using a web interface for remote WG management:

1) "Restart WireGuard VPN" takes 35 seconds (using "setconf"): 17 seconds for the WG peer to reestablish, and the rest of the time is most likely the TCP backoff timers for the HTTPS web interface session, totaling 35 seconds.

2) "Reload WireGuard VPN" takes << 1 second (using "syncconf"), no noticeable impact at all, even when editing the AllowedIPs of the peer tunnel used for access.


Our project will be using Jason's elegant "syncconf" (above URL) as a patch, up until an official solution is committed.

Lonnie


