WG default routing

Henning Reich henning.reich at gmail.com
Mon Jan 4 13:38:23 UTC 2021


Hi,
you can control how the traffic is routed with the AllowedIPs option. If
you use 0.0.0.0/0, all traffic is routed through the WireGuard tunnel.
If you just allow, for example, 10.10.10.10/32, only 10.10.10.10 is
allowed. 10.10.0.0/16,192.168.1.0/24 will allow
10.10.0.0-10.10.254.254 and 192.168.1.0-192.168.1.254 and so on...

I use
[Peer]
PublicKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
AllowedIPs = 172.16.16.0/24,10.10.0.0/16,10.0.0.0/16
Endpoint = 123.123.123.123:12346
PersistentKeepalive=30

On Mon, Jan 4, 2021 at 13:40, Chris Osicki <wg at osk.ch> wrote:
>
> Hi
>
> I am quite new to wireguard, moving after years of OpenVPN, and found it simple and _really good_.
> One thing, however, makes me wonder. Why does WG always try to take over all my routing?
> My first try was with wg-quick, and I noticed all my traffic went through the WG-VPN connection.
> It escapes me why. What is the idea behind this policy?
>
> On my Linux boxes it's not a problem, I don't have to use wg-quick and with a few lines of bash in a script I have what I need. I have root.
> On my Android devices I don't have root, and I cannot change anything in routing etc.
> Why don't you provide an option to specify which net to route which way?
>
> Regards,
> Chris
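
An added example, not part of either message or of WireGuard itself: a small Python check that reads the AllowedIPs line of a wg-quick style config and reports which destinations would enter the tunnel and whether a /0 prefix makes it a full tunnel. The function names and the sample destinations are assumptions; the first sample config is the [Peer] section quoted in the reply.

```python
import ipaddress

# Constructed sample: the [Peer] section from the reply above (key is a placeholder).
SPLIT_TUNNEL = """\
[Peer]
PublicKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
AllowedIPs = 172.16.16.0/24,10.10.0.0/16,10.0.0.0/16
Endpoint = 123.123.123.123:12346
PersistentKeepalive=30
"""
# Constructed sample: the catch-all case mentioned in the reply.
FULL_TUNNEL = "[Peer]\nAllowedIPs = 0.0.0.0/0\n"


def allowed_networks(config_text):
    """Collect every AllowedIPs prefix from wg-quick style config text."""
    nets = []
    for line in config_text.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip().lower() == "allowedips":
            for item in value.split(","):
                if item.strip():
                    # strict=False accepts entries with host bits set
                    nets.append(ipaddress.ip_network(item.strip(), strict=False))
    return nets


def is_full_tunnel(nets):
    """True when a /0 prefix sends all traffic of that address family into the tunnel."""
    return any(n.prefixlen == 0 for n in nets)


def via_tunnel(dest, nets):
    """Return the most specific matching prefix, or None if dest keeps its normal route."""
    addr = ipaddress.ip_address(dest)
    hits = [n for n in nets if n.version == addr.version and addr in n]
    return max(hits, key=lambda n: n.prefixlen, default=None)


if __name__ == "__main__":
    nets = allowed_networks(SPLIT_TUNNEL)
    for dest in ("10.10.3.7", "172.16.16.20", "192.168.1.5", "8.8.8.8"):
        print(dest, "->", via_tunnel(dest, nets) or "not tunnelled")
    print("full tunnel:", is_full_tunnel(allowed_networks(FULL_TUNNEL)))
```
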

