From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Jason@zx2c4.com Received: from krantz.zx2c4.com (localhost [127.0.0.1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id f3532f79 for ; Sun, 15 Jan 2017 09:51:00 +0000 (UTC) Received: from frisell.zx2c4.com (frisell.zx2c4.com [192.95.5.64]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 24f05fa5 for ; Sun, 15 Jan 2017 09:51:00 +0000 (UTC) Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 48971ba6 for ; Sun, 15 Jan 2017 09:50:59 +0000 (UTC) Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id fbfb5203 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128:NO) for ; Sun, 15 Jan 2017 09:50:59 +0000 (UTC) Received: by mail-oi0-f50.google.com with SMTP id j15so86398761oih.2 for ; Sun, 15 Jan 2017 02:01:20 -0800 (PST) MIME-Version: 1.0 In-Reply-To: References: <6d000312-635f-a361-200a-936da7ce7e17@web.de> <89477ad4-b015-d0a1-1c05-ea6600b2f464@web.de> <20170108141216.GB6421@tuxmachine.polynome.dn42> <20170108225732.GC9445@tuxmachine.polynome.dn42> From: "Jason A. Donenfeld" Date: Sun, 15 Jan 2017 11:01:19 +0100 Message-ID: Subject: Re: Multiple Endpoints To: em12345 Content-Type: text/plain; charset=UTF-8 Cc: WireGuard mailing list List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Hey Em, Circling back to this thread, indeed Baptiste was right. While the existing situation will likely work fine with NAT, it won't work as nicely with a strict stateful firewall, when the server IP is dynamic and changing. So, there's some headway to be made with Baptiste's multi-endpoint idea. But in the interim, it seems likely the best mechanism to use would be some userspace solution to check periodically if the dynamic IP has changed, and to update the wireguard device accordingly. Hopefully I'll implement some kind of userspace notification logic so this can be more fine grained than a cronjob. I'll let you know how this progresses. Jason