On Sun, 21 Jun 2020 15:54:00 +0200 Matthieu Herrb <matth...@openbsd.org> wrote:

> Hi,
>
> I was wondering if there is a way to specify a routing domain/table
> for wgendpoint in ifconfig(8).
>
> In a VPN client setup (roadwarrior style) I'd like to keep wg0 in
> rdomain 0 and put the actual physical interface in rdomain 1. So that
> all daemons (smtpd, unwind, ...) use the VPN by default and only the
> strict minimum to setup the VPN runs in rdomain 1.
>
> Everything works if I set wg0 in rdomain1 and keep my re0 interface in
> rdomain 0, but as soon as I set rdomain 1 for re0 and rdomain 0 for
> wg0, the VPN cannot come up (and I see the UDP packets to port 51820
> trying to go out through wg0).

Yes, this is most certainly possible (I have this configuration in a couple of places). If you haven't found it yet, the "wgrtable" option (see ifconfig(8)) will allow you to achieve this.