* How to optimize AllowedIPs "overlapping" routes?
@ 2023-04-16 15:06 Johnny Utahh
2023-04-16 20:48 ` Johnny Utahh
0 siblings, 1 reply; 4+ messages in thread
From: Johnny Utahh @ 2023-04-16 15:06 UTC (permalink / raw)
To: wireguard
1. wg0.conf: AllowedIPs = 0.0.0.0/0, ::0/0 --> higher-latency network
2. wg1.conf: AllowedIPs = 192.168.7.0/24 --> much-lower-latency network
When enabling both of the devices/.conf's (listed as 1. and 2. above)
concurrently, the #2 route travels over #1 (all starting up via
'wg-quick'). In this scenario I'd prefer #2 routing "bypasses" #1 and
retain its (#2's) lower-latency path/network. Can this be done, somehow?
I deduce the "route" for #2 changes when concurrently-enabling #1
because the #2-ping-latency immediately and dramatically increases to
match #1-network's latency (and immediately reverts to #2's lower
latency when #1 is disabled). This hurts my #2 network, badly.
I'm running/testing the above on macOS v12.6.3 build 21G419,
wireguard-go v0.0.20230223. If not on macOS, might this be feasible on
Fedora or Ubuntu?
I realize this might be a FAQ. I could not find any docs/resources to
help after a brief search, so I'm posting here.
[I'm not a networking expert, so I may be butchering various
terminology, concepts. I apologize in advance for my ignorance.]
~J
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: How to optimize AllowedIPs "overlapping" routes?
2023-04-16 15:06 How to optimize AllowedIPs "overlapping" routes? Johnny Utahh
@ 2023-04-16 20:48 ` Johnny Utahh
2023-04-22 11:24 ` Omkhar Arasaratnam
0 siblings, 1 reply; 4+ messages in thread
From: Johnny Utahh @ 2023-04-16 20:48 UTC (permalink / raw)
To: wireguard
More discussion here:
https://www.reddit.com/r/WireGuard/comments/12oimvq/how_to_optimize_allowedips_overlapping_routes/
Clearly this is FAQ-ish kind of thing. It was a little hard for me to
easily find a reference for this kind of stuff. I realize the WireGuard
project may not consider it to be their responsibility to address such
things.
~J
On 2023-04-16 10:06 AM, Johnny Utahh wrote:
> 1. wg0.conf: AllowedIPs = 0.0.0.0/0, ::0/0 --> higher-latency network
> 2. wg1.conf: AllowedIPs = 192.168.7.0/24 --> much-lower-latency network
>
> When enabling both of the devices/.conf's (listed as 1. and 2. above)
> concurrently, the #2 route travels over #1 (all starting up via
> 'wg-quick'). In this scenario I'd prefer #2 routing "bypasses" #1 and
> retain its (#2's) lower-latency path/network. Can this be done, somehow?
>
> I deduce the "route" for #2 changes when concurrently-enabling #1
> because the #2-ping-latency immediately and dramatically increases to
> match #1-network's latency (and immediately reverts to #2's lower
> latency when #1 is disabled). This hurts my #2 network, badly.
>
> I'm running/testing the above on macOS v12.6.3 build 21G419,
> wireguard-go v0.0.20230223. If not on macOS, might this be feasible on
> Fedora or Ubuntu?
>
> I realize this might be a FAQ. I could not find any docs/resources to
> help after a brief search, so I'm posting here.
>
> [I'm not a networking expert, so I may be butchering various
> terminology, concepts. I apologize in advance for my ignorance.]
>
> ~J
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: How to optimize AllowedIPs "overlapping" routes?
2023-04-16 20:48 ` Johnny Utahh
@ 2023-04-22 11:24 ` Omkhar Arasaratnam
2023-04-22 11:43 ` Tomcsanyi, Domonkos
0 siblings, 1 reply; 4+ messages in thread
From: Omkhar Arasaratnam @ 2023-04-22 11:24 UTC (permalink / raw)
To: mailman-wireguard.com; +Cc: wireguard
Rather than using the route setup logic in wg-quick, you could
manually set the default gateway for (1) and add a more specific route
for (2) in your route table. iirc (in Linux anyway...) the more
specific route would take higher precedence.
--oa
--oa
On Sat, Apr 22, 2023 at 7:18 AM Johnny Utahh
<mailman-wireguard.com@johnnyutahh.com> wrote:
>
> More discussion here:
>
> https://www.reddit.com/r/WireGuard/comments/12oimvq/how_to_optimize_allowedips_overlapping_routes/
>
> Clearly this is FAQ-ish kind of thing. It was a little hard for me to
> easily find a reference for this kind of stuff. I realize the WireGuard
> project may not consider it to be their responsibility to address such
> things.
>
> ~J
>
> On 2023-04-16 10:06 AM, Johnny Utahh wrote:
> > 1. wg0.conf: AllowedIPs = 0.0.0.0/0, ::0/0 --> higher-latency network
> > 2. wg1.conf: AllowedIPs = 192.168.7.0/24 --> much-lower-latency network
> >
> > When enabling both of the devices/.conf's (listed as 1. and 2. above)
> > concurrently, the #2 route travels over #1 (all starting up via
> > 'wg-quick'). In this scenario I'd prefer #2 routing "bypasses" #1 and
> > retain its (#2's) lower-latency path/network. Can this be done, somehow?
> >
> > I deduce the "route" for #2 changes when concurrently-enabling #1
> > because the #2-ping-latency immediately and dramatically increases to
> > match #1-network's latency (and immediately reverts to #2's lower
> > latency when #1 is disabled). This hurts my #2 network, badly.
> >
> > I'm running/testing the above on macOS v12.6.3 build 21G419,
> > wireguard-go v0.0.20230223. If not on macOS, might this be feasible on
> > Fedora or Ubuntu?
> >
> > I realize this might be a FAQ. I could not find any docs/resources to
> > help after a brief search, so I'm posting here.
> >
> > [I'm not a networking expert, so I may be butchering various
> > terminology, concepts. I apologize in advance for my ignorance.]
> >
> > ~J
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: How to optimize AllowedIPs "overlapping" routes?
2023-04-22 11:24 ` Omkhar Arasaratnam
@ 2023-04-22 11:43 ` Tomcsanyi, Domonkos
0 siblings, 0 replies; 4+ messages in thread
From: Tomcsanyi, Domonkos @ 2023-04-22 11:43 UTC (permalink / raw)
To: Omkhar Arasaratnam; +Cc: mailman-wireguard.com, wireguard
The best way to deal with this IMHO in a multi platform way is adding weight or metric to the specific routes, allowing them to be manually prioritized.
Cheers,
Domi
> 22.04.2023 dátummal, 13:25 időpontban Omkhar Arasaratnam <omkhar@gmail.com> írta:
>
> Rather than using the route setup logic in wg-quick, you could
> manually set the default gateway for (1) and add a more specific route
> for (2) in your route table. iirc (in Linux anyway...) the more
> specific route would take higher precedence.
>
> --oa
>
>
> --oa
>
>
>> On Sat, Apr 22, 2023 at 7:18 AM Johnny Utahh
>> <mailman-wireguard.com@johnnyutahh.com> wrote:
>>
>> More discussion here:
>>
>> https://www.reddit.com/r/WireGuard/comments/12oimvq/how_to_optimize_allowedips_overlapping_routes/
>>
>> Clearly this is FAQ-ish kind of thing. It was a little hard for me to
>> easily find a reference for this kind of stuff. I realize the WireGuard
>> project may not consider it to be their responsibility to address such
>> things.
>>
>> ~J
>>
>>> On 2023-04-16 10:06 AM, Johnny Utahh wrote:
>>> 1. wg0.conf: AllowedIPs = 0.0.0.0/0, ::0/0 --> higher-latency network
>>> 2. wg1.conf: AllowedIPs = 192.168.7.0/24 --> much-lower-latency network
>>>
>>> When enabling both of the devices/.conf's (listed as 1. and 2. above)
>>> concurrently, the #2 route travels over #1 (all starting up via
>>> 'wg-quick'). In this scenario I'd prefer #2 routing "bypasses" #1 and
>>> retain its (#2's) lower-latency path/network. Can this be done, somehow?
>>>
>>> I deduce the "route" for #2 changes when concurrently-enabling #1
>>> because the #2-ping-latency immediately and dramatically increases to
>>> match #1-network's latency (and immediately reverts to #2's lower
>>> latency when #1 is disabled). This hurts my #2 network, badly.
>>>
>>> I'm running/testing the above on macOS v12.6.3 build 21G419,
>>> wireguard-go v0.0.20230223. If not on macOS, might this be feasible on
>>> Fedora or Ubuntu?
>>>
>>> I realize this might be a FAQ. I could not find any docs/resources to
>>> help after a brief search, so I'm posting here.
>>>
>>> [I'm not a networking expert, so I may be butchering various
>>> terminology, concepts. I apologize in advance for my ignorance.]
>>>
>>> ~J
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-04-22 11:43 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-04-16 15:06 How to optimize AllowedIPs "overlapping" routes? Johnny Utahh
2023-04-16 20:48 ` Johnny Utahh
2023-04-22 11:24 ` Omkhar Arasaratnam
2023-04-22 11:43 ` Tomcsanyi, Domonkos
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).