date:20170220

Re: [wireguard-devel] About ip management

2017-02-20 Thread nicolas prochazka

Thanks
These are good ideas to explore
Regards,
Nicolas

2017-02-20 13:48 GMT+01:00 Dan Lüdtke :

> Hi Nicolas,
>
>
> > On 17 Feb 2017, at 15:03, nicolas prochazka 
> wrote:
> > I hope not to have misunderstood ip management with wireguard,
> > in a "server mode operation" , as many peers -> one peer ( server ) ,
> > private ip configuration must be coherent.
>
> There is no need for private (assuming you mean RFC1918) addresses, but of
> course it works with private IPs as well as with public IP addresses.
>
>
> > In fact, as server / client example in contrib, server must delivery ip
> to clients, there's no way for client to know good private_ip .
>
> Unless it is configured statically, which is what I suggest doing. There
> is plenty of IP space to use. Think of ULA or subprefixes of you GU(s). A
> single /64 should be sufficient to address all your clients uniquely per
> "server wg interface". The situation for legacy IP is also not that bad.
> RFC1918 space is huge, and there is also RFC6598 to pick from. Why don't
> just roll out IP configurations the same way you roll out WireGuard
> configuration? It's just a line more in the config when you use wg-quick.
>
>
> > We cannot use dhcp, layer 3 , so ...
>
> That's true for legacy IP. It does not hold true for state-of-the-art IP.
>
>
> > we need to implement a pool ip manager , is it correct ?
>
> I do not really know what you are referring to when you write "pool ip
> manager", but if you want to distribute IP configuration data inside the wg
> tunnel, you would need to configure static addresses to bootstrap that
> from. This might change in the future, as Jason said to be working in OOB
> features. IP management would then take place in user space mostly/entirely.
>
> Hope that helps!
>
> Cheers,
>
> Dan
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: (Unofficial) wireguard packages for Debian Stretch (testing)

2017-02-20 Thread Ibrahim Tachijian

I for one would love to be able to try WireGuard on Debian Jessie on 3.16
kernel.

The reason being is I do not see myself upgrading and/or running a
backported linux kernel for the foreseeable future.

Are there any limitations in 3.16 kernel when it comes to Wireguard
capabilities ?

Thanks,

On Tue, Feb 21, 2017 at 12:53 AM David Anderson  wrote:

On Fri, Feb 17, 2017 at 11:49 AM, Daniel Kahn Gillmor  wrote:

On Thu 2017-02-16 22:14:11 -0500, David Anderson wrote:
> The transcript below still shows one additional package being pulled from
> sid/main, the dkms package. I find this strange: wireguard-dkms depends on
> dkms >=2.1.0.0, stretch has dkms 2.3-2, and sid has dkms 2.3-3. Despite
the
> negative priority for unstable, apt picks 2.3-3 from sid, even though the
> dependency could be satisfied out of stretch. What am I missing?

That is indeed weird.  what does "apt-cache policy dkms" show you?

# apt-cache policy dkms
dkms:
  Installed: (none)
  Candidate: 2.3-2
  Version table:
 2.3-3 -1
-10 http://ftp.us.debian.org/debian sid/main amd64 Packages
100 /var/lib/dpkg/status
 2.3-2 500
500 http://ftp.us.debian.org/debian stretch/main amd64 Packages

what if you "apt install dkms" on its own first, which version do you
get?

# apt install -d dkms
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  fakeroot gcc libfakeroot linux-headers-amd64
Suggested packages:
  python3-apport menu gcc-multilib autoconf automake libtool flex bison gdb
gcc-doc
The following NEW packages will be installed:
  dkms fakeroot gcc libfakeroot linux-headers-amd64
0 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.
Need to get 217 kB of archives.
After this operation, 717 kB of additional disk space will be used.
Do you want to continue? [Y/n]
Get:1 http://ftp.us.debian.org/debian stretch/main amd64 gcc amd64
4:6.3.0-1 [5,184 B]
Get:2 http://ftp.us.debian.org/debian stretch/main amd64 dkms all 2.3-2
[74.8 kB]
Get:3 http://ftp.us.debian.org/debian stretch/main amd64 libfakeroot amd64
1.21-3.1 [45.7 kB]
Get:4 http://ftp.us.debian.org/debian stretch/main amd64 fakeroot amd64
1.21-3.1 [85.6 kB]
Get:5 http://ftp.us.debian.org/debian stretch/main amd64
linux-headers-amd64 amd64 4.9+78 [5,744 B]
Fetched 217 kB in 0s (328 kB/s)
Download complete and in download only mode

Looks like installing just dkms correctly selects from Stretch, whereas
installing as a dependency of wireguard-dkms pulls in the sid version.

- Dave

--dkg

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: [wireguard-devel] About ip management

Re: (Unofficial) wireguard packages for Debian Stretch (testing)

2 matches

Site Navigation

Mail list logo

Footer information