Hello,
On a "server side" I've for example these peers, and i want to send a
ipv6 multicast group
ff02::1
How can I do that with peer / allowed-ips routing ?
Regards
Nicolas
interface: wg0
public key: **
private key: (hidden)
listening port: 6081
peer:
preshared
t; On K, 2020-05-27 at 11:01 +0200, nicolas prochazka wrote:
> > How can i know that a packet come from peer X ?
> You can check which peers allowed ips list covers the received packets
> source ip
>
> > Is is possible to mark packet not a level interface (wg0) but at peer
&
Hello,
Using one wireguard Interface, with multiple peer
How can i know that a packet come from peer X ?
Is is possible to mark packet not a level interface (wg0) but at peer level ?
I can dump packet at wg0 but i lost the peer origin.
Thanks,
Nicolas
interface: wg0
public key: A
private
,
but if i'm trying to be more restrictive, as ff05::/32 for example,
it does not work.
Is a specific interaction between allowed-ips and multicast group in ipv6 ?
Regards,
Nicolas Prochazka.
Hello,
Is it possible to add/remove Allowed-ip in peer description without
modify configuration file or using wg set command,
I think about wg peer add|remove allowed-ip
Regards,
Nicolas Prochazka
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
Hello,
We need to compile wireguard-go on linux, because we are using a closed
linux, under we cannot compile module,
how can we do ? make on wireguard-go tells us that is not recommend on linux
Regards,
Nicolas Prochazka
___
WireGuard mailing list
hello,
just to say you, as a simple end user
we are using wireguard since one year for our product,
we have 10K tunnels deployed ,
wireguard is perfect for us, very simple, we can develop our specific
code on top of if ( key management , )
so +1 for jason vision
thanks for this piece of code
ok and thanks
nicolas
https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail;
target="_blank">https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif;
alt="" width="46" height="29" style="width: 46px;
Ok,
To be more precise, the uses cases are :
services ( as daemon ) are listening on specifiq interface/Ipv6
address to secure and active service by client, with only one
interface, it is not possible, aliasing seems to be not relevant.
However i can understand that is not the problem of wireguard
Hello,
i known, but we are using one interface by customer, each interface
manages multiple peers ( > 500 )
as
wg_interface0 = client 0 = 500 peers
wf_interfacen= client n = 500 peers
at this moment, only one interface wg0 manage all peers and all
customers , it's very complicating for the
..
With mutliple interface, all is good in term of performance with the
last release , but each interface must have it's own port, that is
not possible to manage ( different port by client )
Is there a solution ?
Regards,
Nicolas Prochazka
___
WireGuard
ing
> packet matches the allowed-ips of the other machine.
>
> --
> Sent from my telephone.
>
> On Sep 20, 2017 17:11, "nicolas prochazka" <prochazka.nico...@gmail.com>
> wrote:
>
> Hello, can somebody tells me what I do wrong :
> I can ping from
seems strange
wireguard : v0.0.20170918]
kernel : 4.9.23 on client1
kernel : 4.4.0 on server 1
Regards,
Nicolas Prochazka
Server 1 :
ifconfig neocoretech_rd
neocoretech_rd Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet6 addr: fd00:14::8b5:8aff:fe85:f
interfaces with 500 tunnels
(peer) for each .
Nicolas
2017-06-14 16:15 GMT+02:00 Jason A. Donenfeld <ja...@zx2c4.com>:
> On Wed, Jun 14, 2017 at 3:50 PM, nicolas prochazka
> <prochazka.nico...@gmail.com> wrote:
>> At this moment, we are using 3000 wg tunnel on a single wiregua
hello,
after create of wg interface, kworker thread does not return to a
normal state in my case,
kernel thread continues to consume a lot of cpu .
I must delete wireguard interface to kworker decrease.
Nicolas
2017-06-13 23:47 GMT+02:00 Jason A. Donenfeld :
> Hi Nicolas,
>
> It
Hello again,
with 0.0.20170613 , i can reproduce a big kworker cpu time consumption
Regards,
nicolas
2017-06-13 14:48 GMT+02:00 Jason A. Donenfeld :
> Hi Nicolas,
>
> I'll look into this. However, you need to update WireGuard to the
> latest version, which is 0.0.20170613. I
t; You were simply missing traffic shaping support for IPv6 in your kernel?
> Which symbols were needed?
>
> Thanks,
> Baptiste
>
> On Wed, Mar 08, 2017 at 02:39:23PM +0100, Nicolas Prochazka wrote:
> > hello,
> > to close, it's working perfectly well in ipv4 and then whe
is wg0 is configured as ipv6 tunnel.
Regards,
NIcolas
2017-03-06 18:40 GMT+01:00 Nicolas Prochazka <nicolas.procha...@gmail.com>:
> Hello,
> is there an incompatibilty between wireguard and traffic shaping or i
> misconfig something ?
>
> After configuring Qos , I need
trying with tc + iptables,
tc filter add dev wg0 protocol ip parent 1: prio 1 handle 6 fw flowid 1:10
and iptables mark rules,
traffic seems to be not "apply" to queue .
Regards,
Nicolas Prochazka.
-
Example : after this configuration, traffic on wg0 on port 80,443,8080 are
goi
ble to implement an auto purge of old
peer ?
Regards,
Nicolas Prochazka.
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
your head it
> becomes clearer.
>
> HTH
>
> Dan
>
> > On 24 Feb 2017, at 11:41, Nicolas Prochazka <nicolas.procha...@gmail.com>
> wrote:
> >
> > hello again,
> > my configuration ,
> > ping peer 1-->peer 2 : ok ( on ipv6 wg0
you are right, sorry.
I do a lot of tests and sometime it seems wireguard is in a "strange"
state, I'm trying to reproduce.
A question :
When I've the dmesg, "could not create ipv4 socket", i cannot rmmod
wireguard from kernel.
I'm trying
ip link del dev wg0 ,
rmmod wireguard
there's no
Hello, i'm trying to do this with wireguard, withtout success :
peer1 ---> peer2 : config ok , works
peer3 ---> peer1 : config ok , works
peer3 --->peer1 ---> peer2 : not ok .
I suspect allowed-ip configuration, but all my tests does not works.
perhaps I must create two wireguard interface
Thanks
These are good ideas to explore
Regards,
Nicolas
2017-02-20 13:48 GMT+01:00 Dan Lüdtke <m...@danrl.com>:
> Hi Nicolas,
>
>
> > On 17 Feb 2017, at 15:03, nicolas prochazka <prochazka.nico...@gmail.com>
> wrote:
> > I hope not to have misund
ay for
client to know good private_ip .
We cannot use dhcp, layer 3 , so ...
we need to implement a pool ip manager , is it correct ?
Regards,
Nicolas Prochazka.
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
hello,
sorry for my english.
This question(udp tunnel ..) is not relevant, I learn a lot with the read
of mailing list.
Regards,
Nicolas
2017-02-17 14:48 GMT+01:00 Jason A. Donenfeld <ja...@zx2c4.com>:
> On Wed, Feb 15, 2017 at 11:12 AM, Nicolas Prochazka
> <nicolas.procha...@g
26 matches
Mail list logo