From: "Tomcsanyi, Domonkos" <domi@tomcsanyi.net>
To: Omkhar Arasaratnam <omkhar@gmail.com>
Cc: mailman-wireguard.com@johnnyutahh.com, wireguard@lists.zx2c4.com
Subject: Re: How to optimize AllowedIPs "overlapping" routes?
Date: Sat, 22 Apr 2023 13:43:28 +0200 [thread overview]
Message-ID: <52C0BA1D-015E-4A46-A32E-7359A3304996@tomcsanyi.net> (raw)
In-Reply-To: <CAHx9mscq6+n6jPZMLk5jVza1UDVcoXHd3VEce2P+R79ywiyHUA@mail.gmail.com>
The best way to deal with this IMHO in a multi platform way is adding weight or metric to the specific routes, allowing them to be manually prioritized.
Cheers,
Domi
> 22.04.2023 dátummal, 13:25 időpontban Omkhar Arasaratnam <omkhar@gmail.com> írta:
>
> Rather than using the route setup logic in wg-quick, you could
> manually set the default gateway for (1) and add a more specific route
> for (2) in your route table. iirc (in Linux anyway...) the more
> specific route would take higher precedence.
>
> --oa
>
>
> --oa
>
>
>> On Sat, Apr 22, 2023 at 7:18 AM Johnny Utahh
>> <mailman-wireguard.com@johnnyutahh.com> wrote:
>>
>> More discussion here:
>>
>> https://www.reddit.com/r/WireGuard/comments/12oimvq/how_to_optimize_allowedips_overlapping_routes/
>>
>> Clearly this is FAQ-ish kind of thing. It was a little hard for me to
>> easily find a reference for this kind of stuff. I realize the WireGuard
>> project may not consider it to be their responsibility to address such
>> things.
>>
>> ~J
>>
>>> On 2023-04-16 10:06 AM, Johnny Utahh wrote:
>>> 1. wg0.conf: AllowedIPs = 0.0.0.0/0, ::0/0 --> higher-latency network
>>> 2. wg1.conf: AllowedIPs = 192.168.7.0/24 --> much-lower-latency network
>>>
>>> When enabling both of the devices/.conf's (listed as 1. and 2. above)
>>> concurrently, the #2 route travels over #1 (all starting up via
>>> 'wg-quick'). In this scenario I'd prefer #2 routing "bypasses" #1 and
>>> retain its (#2's) lower-latency path/network. Can this be done, somehow?
>>>
>>> I deduce the "route" for #2 changes when concurrently-enabling #1
>>> because the #2-ping-latency immediately and dramatically increases to
>>> match #1-network's latency (and immediately reverts to #2's lower
>>> latency when #1 is disabled). This hurts my #2 network, badly.
>>>
>>> I'm running/testing the above on macOS v12.6.3 build 21G419,
>>> wireguard-go v0.0.20230223. If not on macOS, might this be feasible on
>>> Fedora or Ubuntu?
>>>
>>> I realize this might be a FAQ. I could not find any docs/resources to
>>> help after a brief search, so I'm posting here.
>>>
>>> [I'm not a networking expert, so I may be butchering various
>>> terminology, concepts. I apologize in advance for my ignorance.]
>>>
>>> ~J
prev parent reply other threads:[~2023-04-22 11:43 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-16 15:06 Johnny Utahh
2023-04-16 20:48 ` Johnny Utahh
2023-04-22 11:24 ` Omkhar Arasaratnam
2023-04-22 11:43 ` Tomcsanyi, Domonkos [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52C0BA1D-015E-4A46-A32E-7359A3304996@tomcsanyi.net \
--to=domi@tomcsanyi.net \
--cc=mailman-wireguard.com@johnnyutahh.com \
--cc=omkhar@gmail.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).