prologic
twtxt.net
 (22h ago)
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure šŸ˜¢ I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

@movq@www.uninformativ.de I think I misunderstood some aspects of Wireguard as mentioned here, not 100% sure, but so far things are much happier now with assigning /32(s) as Tunnel IP(s) for Peers and being a bit more thoughtful about the AllowedIPs šŸ¤ž Iā€™m only playing around with 3 devices right now, my core router (RouterOS), an Ubuntu 22.04 VM over at Vultr and my iPhone.

ā¤‹ Read More
movq
www.uninformativ.de
 (22h ago)
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure šŸ˜¢ I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

@prologic@twtxt.net Nothing special, really. šŸ¤” We have ā€œsite-to-siteā€ (a pair of servers) and ā€œpoint-to-siteā€ (one server, many clients) setups, pretty much the same as described here:

https://wiki.archlinux.org/title/WireGuard#Usage

Which operating system(s) are you using?

ā¤‹ Read More
prologic
twtxt.net
 (22h ago)
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure šŸ˜¢ I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

I think this is what I was missing in my understanding:

In other words, when sending packets, the list of allowed IPs behaves as a sort of routing table, and when > receiving packets, the list of allowed IPs behaves as a sort of access control list.

This is what we call a Cryptokey Routing Table: the simple association of public keys and allowed IPs.

ā¤‹ Read More
prologic
twtxt.net
 (1d ago)
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure šŸ˜¢ I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

@movq@www.uninformativ.de Whatā€™s your setup like? How many peers? How are they configured? (if you can share)

ā¤‹ Read More
movq
www.uninformativ.de
 (1d ago)
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure šŸ˜¢ I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

@prologic Hm, Iā€™m afraid I canā€™t be of much help here. Wireguard always ā€œjust workedā€, I didnā€™t have the need yet to dig deep into troubleshooting. šŸ¤”

ā¤‹ Read More
@villares@ciberlandia.pt
ciberlandia.pt
 (1d ago)

After a streak of ugly ā€œmetaā€ sketches working on my naive folder/image browser today I added some improvements, finally got it working from the command line, moved it to the admin_script folder and Iā€™m quite happy with it. Also, I went back to a complementary ā€œmetaā€ idea of using #Pythonā€™s #difflib to show sketch code evolution over timeā€¦

ā¤‹ Read More
prologic
twtxt.net
 (1d ago)
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure šŸ˜¢ I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

Hmmm really not getting this at al šŸ¤¦ā€ā™‚ļø So far things appear to be a bit more stable, but the only changes I made was to assign addresses to peers of the form 172.30.0.X/32 instead of 172.30.0.X/24 and setting AllowedIPs to 0.0.0.0/0 for mobile peers (phones, etc) and X.X.X.X/24, Y.Y.Y.Y/24 for more static peers (remote VMs) where X and Y are the LAN and Wireguard subnets.

ā¤‹ Read More
prologic
twtxt.net
 (1d ago)

Hmm when I said ā€œWireguard is kind of coolā€ in this twt now Iā€™m not so sure šŸ˜¢ I canā€™t get ā€œstable tunnelsā€ to freakā€™n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

ā¤‹ Read More
prologic
twtxt.net
 (1d ago)
In-reply-to » Wireguard is kind of cool šŸ‘Œ

Huh hmm Boring Proxy actually uses SSH under the hood (written in Go) for the tunnelling šŸ¤” Clever, I would have done the same if I hadnā€™t learned about Wireguard šŸ˜…

ā¤‹ Read More
prologic
twtxt.net
 (1d ago)
In-reply-to » Wireguard is kind of cool šŸ‘Œ

@mckinley@twtxt.net Now that I have real experience with Wireguard, Iā€™m seriously thinking about building my own ā€œCloudflareā€ replacement infra šŸ˜… ā€“ And commodifying that somehow. Boring Proxy kind of does this too, but I may have a slightly different takes on things šŸ¤”

ā¤‹ Read More
@seyon@ciberlandia.pt
ciberlandia.pt
 (1d ago)

Isto dos Globos de Ouro da autoproclamada televisĆ£o ā€œindependenteā€ poderiam ser algo decente se fossem realmente independentes. Mas tantos dos nomeados que seriam mais merecedores e nĆ£o foram assim comprovam que nĆ£o sĆ£o.

ā¤‹ Read More