add wireguard bgp route mode

yon 0 · Jan 24, 2021, 4:55 AM

i want to use wireguard creat p2p vpn for run bgp router. so this need supported. need add Table = off and set static route.

like:

link text

stephenw10 · Jan 26, 2021, 4:01 AM

As far as I know we don't use wg-quick. Until recently it didn't add routes at all, or a gateway.

Since it now only adds routes to the local interface IP they would not conflict. At that level at least.

What problem are you actually seeing here?

Steve

yon 0 · Jan 26, 2021, 7:25 AM

@stephenw10 said in add wireguard bgp route mode:

As far as I know we don't use wg-quick. Until recently it didn't add routes at all, or a gateway.

Since it now only adds routes to the local interface IP they would not conflict. At that level at least.

What problem are you actually seeing here?

Steve

p2p mode. use AllowedIPs = 0.0.0.0/0 or AllowedIPs = ::/0 but it isn't add system route. so it is use bgp for route.

a common pattern for DN42 tunnels is to use AllowedIPs = 0.0.0.0/0 or AllowedIPs = ::/0 then use firewall rules to limit source and destination addresses. If you do not add 'Table = off' this could cause you to route clearnet traffic via your peer and potentially lose connectivity to your node!

Should add a P2P mode option eg: for ipv4 i am need use proxy mode, but ipv6 use p2p+bgp mode. so i have ipv6 space.

stephenw10 · Jan 26, 2021, 2:14 PM

Have you actually tried this?

As far as I can see that is already the default behaviour. A default route is not added is you have 0/0 as allowed-ips.

Steve

yon 0 · Jan 26, 2021, 2:14 PM

@stephenw10

i had try it. when setup allow =0.0.0.0/0,2000::/3 then system all route via wg0.

jimp · Jan 26, 2021, 3:22 PM

This works fine without changing anything.

If you have only one peer per tunnel, leave Allowed IPs empty. WireGuard behaves as if it's set to route anything that reaches the WireGuard interface, and no routes are added to the OS routing table. BGP can setup its own routes.

yon 0 · Jan 27, 2021, 9:13 AM

It is found that the interface will be confused.

i config two wg tunnel, when i deleted wg0 tunnel, then update wg1 tunnel data, it will auto change interface name to wg0.
the route gateway will use old deleted wg0 data for wg1.

and i had deleted wg0 name still show interface list.

Can we choose to configure the interface name?

🔒 Log in to view

and i had deleted wg tunnel and interface, but use ifconfig command still show all old wg0 wg1 .. in interface.

yon 0 · Jan 27, 2021, 9:10 AM

wg interface config ipv4 and ipv6 address,
eg: 10.0.0.102/32, 2a0d:2400:12:c::102/128
but the interface only has ipv4.