Routing to a network behind a node

Development discussion of WireGuard
 help / color / mirror / Atom feed

From: "M. Dietrich" <mdt@emdete.de>
To: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Routing to a network behind a node
Date: Sat, 08 Sep 2018 11:06:33 +0200	[thread overview]
Message-ID: <1536396708.rkbb1jpywa.astroid@morple.none> (raw)

[-- Attachment #1: Type: text/plain, Size: 1031 bytes --]

Hi,

i have setup a wg vpn with several nodes, lets say in a
network 172.16.215.0/24. one of the boxes (ip 172.16.215.2) in
that network has an interface to a different network with
additional boxes, lets say 172.16.0.0/24. i would like to
reach the boxes in that network directly so i established a
route on another node in the wg network (172.16.215.1) like
this:

	ip route add 172.16.0.0/24 via 172.16.215.2

but once i ping 172.16.0.1 i get the error

	From 172.16.215.1 icmp_seq=1 Destination Host Unreachable
	ping: sendmsg: Required key not available

it seems the package reaches wireguard but wireguard doesnt
know the "via" and tells it has no key to route to 172.16.0.1
which is fine. but why doesn wg honour the via and send it to
the router 172.16.215.2?

i think its more or less whats done if you route all your
traffic through wg so i assume i do a terrible stupid mistake
(i am no network or kernel routing expert which may be an
excuse), can someone help?

best regards,
M. Dietrich

[-- Attachment #2: Type: application/pgp-signature, Size: 833 bytes --]

next             reply	other threads:[~2018-09-08  9:06 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-09-08  9:06 M. Dietrich [this message]
2018-09-08 10:23 ` Steven Honson
2018-09-08 19:54   ` M. Dietrich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1536396708.rkbb1jpywa.astroid@morple.none \
    --to=mdt@emdete.de \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).