Road Warrior config with fwmark

Development discussion of WireGuard
 help / color / mirror / Atom feed

From: Bruno Wolff III <bruno@wolff.to>
To: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Road Warrior config with fwmark
Date: Tue, 14 Nov 2017 10:34:53 -0600	[thread overview]
Message-ID: <20171114163453.GA27547@wolff.to> (raw)

It would be nice if fwmark was mentioned on https://www.wireguard.com/netns/ 
when covering routing all of your traffic through your tunnel for Road 
Warrior setups.

I noticed the fwmark support when looking at tools/wg-quick.bash. 
fwmark can be used to set up routing configurations that are essentially 
(they don't give bogus addresses) independent of the local network 
configuration. So no special action needs to be taken as you move from 
one wireless network to another. This makes the rules based approach much 
more competitive with the namespace technique.

I have this working on my laptop, but I want to tweak my router so that 
I don't need to have special iptables rules on my home network.

I have things set up to give my laptop the same static IP address, no matter 
where it is located.

next             reply	other threads:[~2017-11-14 16:31 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-11-14 16:34 Bruno Wolff III [this message]
2017-11-15  8:34 ` Bruno Wolff III

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171114163453.GA27547@wolff.to \
    --to=bruno@wolff.to \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).