From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: matthias@urlichs.de Received: from krantz.zx2c4.com (localhost [127.0.0.1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 31c1b5df for ; Wed, 22 Nov 2017 16:34:38 +0000 (UTC) Received: from netz.smurf.noris.de (netz.smurf.noris.de [213.95.21.43]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 4846426b for ; Wed, 22 Nov 2017 16:34:38 +0000 (UTC) Received: from [2001:780:107:0:1278:d2ff:fea3:d4a6] by netz.extern.smurf.noris.de with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.89) (envelope-from ) id 1eHY3O-0004Gw-0E for wireguard@lists.zx2c4.com; Wed, 22 Nov 2017 16:39:15 +0000 Subject: Re: roaming and ddns dynamic ip To: wireguard@lists.zx2c4.com References: From: Matthias Urlichs Message-ID: <1894f6f6-25bf-206b-24da-59187e6114fe@urlichs.de> Date: Wed, 22 Nov 2017 17:39:13 +0100 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , On 22.11.2017 17:00, d tbsky wrote: > when client is behind firewall via nat to internet, and server has > dynamic ip, I don't think keepalive will help. since the changed > server can not connect to client, it needs client to initial the > connection. under openvpn, keepalive can detect broken link and try to > restart itself, then client can reconnect to server automatically. That situation calls for userspace (on the client) to monitor the connection and update the peer address, if it changed. The kernel side's job would be to be sufficiently monitor-able via netlink – polling is evil – so that a userspace tool can actually do this. -- -- Matthias Urlichs