Indeed this is how you typically set up a multihomed service (addresses
on lo and then announce that using BGP or something).
If you use one of the network links directly for the service and that
link network goes down (it may not even be in your AS so you may not
know?) then the service is of
This is indeed the case for me, spot on.
On 2021-06-07 13:46, Roman Mamedov wrote:
So this same host that just generated the 1574-byte encapsulated VXLAN packet
with something it received via its eth0 port, now needs to send it further to
its WG peer(s). For this to succeed, the in-tunnel WG MTU

This would break things for me. We're doing a lot of L2 over L3 site-to-site
stuff and we are using WireGuard as the outer layer. Inner layer is
VXLAN or L2TPv3.
In particular, people connect lots of stuff with no regard for MTU. For
some things it's also very hard to change so we just assume