From: Mike O'Connor <mike@pineview.net>
To: Roberto 007 <mikit77777@gmail.com>, wireguard@lists.zx2c4.com
Subject: Re: BGP over multiple wireguard vpn link
Date: Sat, 8 Feb 2020 21:00:12 +1030 [thread overview]
Message-ID: <fdaeb8d6-4986-8997-db86-b8a2cd818188@pineview.net> (raw)
In-Reply-To: <CABW-WNP=WfUcLaex2bMPAv4FX6hUmt4==CXx=nT3=K0NbHqE_g@mail.gmail.com>
[-- Attachment #1.1: Type: text/plain, Size: 1567 bytes --]
Hi Miki
I'm doing basically what your talking about but with OSPF.
I do not use wg-quick, instead I configure the Wireguard in the network
interface file like /etc/network/interface on all the machines.
iface wg-p2p inet static
address xxx.xxx.xxx/xxx
pre-up ip link add $IFACE mtu 1500 type wireguard
pre-up wg setconf $IFACE /etc/wireguard/$IFACE.conf
post-down ip link del $IFACE
Central machines I'll list the allowed ip addresses from the individual
peers.
On the peers I'll have an allow all like
AllowedIPs = 0.0.0.0/0, ::/0
The allow all ip's on each peer does not add a route but does allow any
traffic to be sent to the central system.
From that point you can configure any dynamic routing system you want.
Mike
On 17/1/20 9:23 pm, Roberto 007 wrote:
> Hello Wireguard team,
>
> I would like to test multiple VPN links with BGP which is for
> controlling traffic.
> I have no problem to make BGP over multiple links but once I tried to
> ping then I found a problem because I cannot set Allowed-IPs 0.0.0.0/0
> <http://0.0.0.0/0> to all the wireguard links.
>
> My question is that this kind of configuration is not supported
> wireguard?
>
> I could make it with IPSec without any issues.
>
> If you could give us some advice, it would be greatly appreciated.
>
> Thanks and best regards,
> Miki
>
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
[-- Attachment #1.2: Type: text/html, Size: 3666 bytes --]
[-- Attachment #2: Type: text/plain, Size: 148 bytes --]
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
prev parent reply other threads:[~2020-02-08 21:29 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-17 10:53 Roberto 007
2020-02-07 22:20 ` Inrin
2020-02-08 7:07 ` Mikma
2020-02-08 10:30 ` Mike O'Connor [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fdaeb8d6-4986-8997-db86-b8a2cd818188@pineview.net \
--to=mike@pineview.net \
--cc=mikit77777@gmail.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).