hello again, 
my configuration , 
ping peer 1-->peer 2  : ok   ( on ipv6 wg0 ) 
ping peer 3 --> peer 1 : ok 
ping peer3 --peer1--->peer2 : not ok .


On peer 1 , forwarding is setting
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.all.forwarding = 1


Peer 1 : wg configuration  

interface: wg0
  public key: q5ypTBI7bN0vPGzvlGYyF6pCqYgrDsEjO827duAwjX4=
  private key: (hidden)
  listening port: 6081

peer: dOXT9AvlEt9KSl3ricE12GuVa+U4XB0s1c92s8W+9VA=
  endpoint: 52.49.x.x:6081
  allowed ips: ::/0
  latest handshake: 8 seconds ago
  transfer: 71.29 KiB received, 60.28 KiB sent
  persistent keepalive: every 25 seconds

peer: bqwiLTe/hr0JJMz3IvnDXqS5nOT6u/WL75dasmTE/ko=
  endpoint: 10.10.0.69:6081
  allowed ips: fd00::baae:edff:fe72:5094/128
  latest handshake: 45 seconds ago
  transfer: 5.49 KiB received, 6.36 KiB sent


Peer 3 : 


interface: wg0
  public key: bqwiLTe/hr0JJMz3IvnDXqS5nOT6u/WL75dasmTE/ko=
  private key: (hidden)
  listening port: 6081

peer: q5ypTBI7bN0vPGzvlGYyF6pCqYgrDsEjO827duAwjX4=
  endpoint: 10.10.99.230:6081
  allowed ips: ::/0
  latest handshake: 33 seconds ago
  transfer: 4.92 KiB received, 7.55 KiB sent
  persistent keepalive: every 25 seconds


Peer 2 : 

interface: wg0
  public key: dOXT9AvlEt9KSl3ricE12GuVa+U4XB0s1c92s8W+9VA=
  private key: (hidden)
  listening port: 6081

peer: q5ypTBI7bN0vPGzvlGYyF6pCqYgrDsEjO827duAwjX4=
  endpoint: 77.156.x.x:58943
  allowed ips: fd00::eea8:6bff:fef9:23bc/128
  latest handshake: 1 minute, 43 seconds ago
  transfer: 52.59 KiB received, 79.01 KiB sent


2017-02-23 14:41 GMT+01:00 Dan Lüdtke <mail@danrl.com>:
Nicolas: Could you provide the configuration files? Because from your little graphic or schema I can not even derive what you are configuring. I guess there is something overlapping prefixes maybe?

Jason: I think we are approaching the point in time when there will be a -dev and a -users ML :)


> On 23 Feb 2017, at 14:03, Nicolas Prochazka <nicolas.prochazka@gmail.com> wrote:
>
> Hello, i'm trying to do this with wireguard, withtout success :
>
> peer1 ---> peer2   : config ok , works
> peer3 ---> peer1  : config ok , works
> peer3 --->peer1 ---> peer2  : not ok .
>
> I suspect allowed-ip configuration, but all my tests does not works.
> perhaps I must create two wireguard interface on peer 1 and do forwarding/routing ?
> i'm using ipv6 as internal ip.
>
> so my question is :
> - two interface ?
> - specifiq magic allowedip ?
> ( allowed ip is confusing for, it is using for routing and for evicting paquet ? )
>
> Regards,
> Nicolas
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard