My company will be open sourcing a configuration management system we’ve called wg-easy. It is designed specifically for managing large scale distributed WireGuard networks. We are happy to see other are interested in operating WireGuard at scale.

Coming very soon, TM.

On Fri, Feb 14, 2020 at 17:46 Derrick Lyndon Pallas <derrick@pallas.us> wrote:

You might also want to check out https://pypi.org/project/wgnlpy/ which is a Wireguard configuration library for python.

~Derrick • iPhone

On Feb 14, 2020, at 3:02 AM, Barrett Strausser <barrett@bossanova.com> wrote:

I don't doubt that it can handle 1M peers.

My question was more concerned with can an Organization perform the configuration management to handle 1M peers if all configuration is through a static IP.

If I have 1M peers and .9999 have no change per day, that still leaves 100 changes or ~4 per hour. I'd argue it is a good practice to have to restart services to pick up those changes.

I'll have a look at those links. Thank you very much

-b

On Sat, Feb 8, 2020 at 4:29 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
WireGuard has an API, via Netlink. This might help you:

https://git.zx2c4.com/wireguard-tools/tree/contrib/embeddable-wg-library
https://git.zx2c4.com/wireguard-tools/tree/src/uapi/linux/wireguard.h

It can handle 1M peers, yes.

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard