On Sat, 08 Jun 2024 15:56:06 +0100,
Stuart Henderson <stu.li...@spacehopper.org> wrote:
> 
> I think this should be possible with the standard route table, without
> route-to. Essentially you need:
> 
> 1. your machine to answer arp for the wg ip so other hosts will send
> ethernet packets to it
> 
> 2. your machine to not be configured with the wg ip itself
> 
> 3. route entries such that those packets end up sent out the wg interface
> (you may possibly need a route command with -ifp wg0)
> 

Thanks, after re-reading the man page for route I was able to figure it out in
quite a simple way, without NAT, routing domain, dedicated MAC which was added
to separate things in the hope of making things easy.

So, here is the resulting config:

Client:

  rdomain 1
  wgrtable 0
  wgkey ...
  wgpeer ... \
      wgendpoint 1.2.3.4 51820 \
      wgaip 0.0.0.0/0 \
      wgpka 25 \
      wgpsk ...
  inet 1.2.4.5/28
  up
  !route -T 1 add default 1.2.4.1

Server:

  wgkey ...
  wgpeer ... \
      wgaip 1.2.4.5/32 \
      wgpka 25 \
      wgpsk ...
  wgport 51820
  inet 127.255.255.255/32
  up
  !route add -inet 1.2.4.5 -llinfo -link -static -iface \$if

Without inet 127.255.255.255/32, adding a static route fails with:

  add host 1.2.4.5: gateway wg0: Network is unreachable


-- 
wbr, Kirill
