BGP over multiple wireguard vpn link

Mike O'Connor mike at pineview.net
Sat Feb 8 11:30:12 CET 2020


Hi Miki

I'm doing basically what your talking about but with OSPF.

I do not use wg-quick, instead I configure the Wireguard in the network
interface file like /etc/network/interface on all the machines.

iface wg-p2p inet static
            address xxx.xxx.xxx/xxx
            pre-up ip link add $IFACE mtu 1500 type wireguard
            pre-up wg setconf $IFACE /etc/wireguard/$IFACE.conf
            post-down ip link del $IFACE

Central machines I'll list the allowed ip addresses from the individual
peers.

On the peers I'll have an allow all like
AllowedIPs = 0.0.0.0/0, ::/0

The allow all ip's on each peer does not add a route but does allow any
traffic to be sent to the central system.

>From that point you can configure any dynamic routing system you want.

Mike


On 17/1/20 9:23 pm, Roberto 007 wrote:
> Hello Wireguard team,
>
> I would like to test multiple VPN links with BGP which is for
> controlling traffic.
> I have no problem to make BGP over multiple links but once I tried to
> ping then I found a problem because I cannot set Allowed-IPs 0.0.0.0/0
> <http://0.0.0.0/0> to all the wireguard links.
>
> My question is that this kind of configuration is not supported
> wireguard? 
>
> I could make it with IPSec without any issues.
>
> If you could give us some advice, it would be greatly appreciated.
>
> Thanks and best regards,
> Miki
>
>
> _______________________________________________
> WireGuard mailing list
> WireGuard at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20200208/11186cbb/attachment.html>


More information about the WireGuard mailing list