Thoughts on wg-dynamic
Arti Zirk
arti.zirk at gmail.com
Mon Apr 6 10:28:33 CEST 2020
On P, 2020-04-05 at 19:43 -0400, Reid Rankin wrote:
> However, I've taken it one step further, by using
> cryptographically-generated addresses; each peer automatically gets
> fe80:(truncated hash of pubkey)/128 stuck in its allowed IP list.
> (I'm considering harmonizing this address generation algorithm with
> RFC3972 in the future.) This means that initiating the protocol
> requires no configuration other than the public key of the peer you'd
> like to contact.
While back there was a tool posted to this mailing list[0] that
generated WireGuard IP aadresses from the public key called wg-ip[1].
It would simplify things if that or some other link-local IP genration
algorithm would get integrated into wg-quick toolset.
I have also written a Python version of wg-ip generation algorithm that
might me slightly easier to read[2].
[0] https://lists.zx2c4.com/pipermail/wireguard/2018-April/002593.html
[1] https://github.com/chmduquesne/wg-ip
[2] https://gist.github.com/artizirk/c91e4f8c237dec07e3ad1b286f1855a7
More information about the WireGuard
mailing list