Thoughts on wg-dynamic

Arti Zirk arti.zirk at
Mon Apr 6 10:28:33 CEST 2020

On P, 2020-04-05 at 19:43 -0400, Reid Rankin wrote:
> However, I've taken it one step further, by using
> cryptographically-generated addresses; each peer automatically gets
> fe80:(truncated hash of pubkey)/128 stuck in its allowed IP list.
> (I'm considering harmonizing this address generation algorithm with
> RFC3972 in the future.) This means that initiating the protocol
> requires no configuration other than the public key of the peer you'd
> like to contact.

While back there was a tool posted to this mailing list[0] that
generated WireGuard IP aadresses from the public key called wg-ip[1].

It would simplify things if that or some other link-local IP genration
algorithm would get integrated into wg-quick toolset.

I have also written a Python version of wg-ip generation algorithm that
might me slightly easier to read[2].


More information about the WireGuard mailing list