Wireguard over VPN broken on windows

Christopher Ng facboy at gmail.com
Mon Jun 22 12:56:22 CEST 2020


it worked for me on a local build, it never worked in any released version.

i've been playing around with a local build, if i comment out the
device.BindSocketToInterface calls in defaulltroutemonitor.go,
everything seems to work fine.  in a single config i have one peer on
an OpenVPN interface, and one on the default interface.  both are
connected, i can ping both peers over the wg interface.  why must the
socket be bound to a particular interface?  or perhaps i don't
understand what those calls do.



On Mon, 22 Jun 2020 at 09:23, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
>
> > 59e556f on wireguard-go breaks
>
> 59e556f fixes a regression, which never shipped in any release. There
> is nothing here that "once worked and now doesn't." What you have in
> mind has never worked.
>
> We're currently using IP_UNICAST_IF on the wireguard socket, attaching
> it to the default route. I'd much rather have something like Linux's
> policy routing and suppress_prefixlen, but I don't know how to do that
> (yet?) on Windows. If you have any ideas or want to do some research,
> I'd certainly be very interested.


More information about the WireGuard mailing list