In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

@movq@www.uninformativ.de I think I misunderstood some aspects of Wireguard as mentioned here, not 100% sure, but so far things are much happier now with assigning /32(s) as Tunnel IP(s) for Peers and being a bit more thoughtful about the AllowedIPs šŸ¤ž I’m only playing around with 3 devices right now, my core router (RouterOS), an Ubuntu 22.04 VM over at Vultr and my iPhone.

⤋ Read More
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

@prologic@twtxt.net Nothing special, really. šŸ¤” We have ā€œsite-to-siteā€ (a pair of servers) and ā€œpoint-to-siteā€ (one server, many clients) setups, pretty much the same as described here:

https://wiki.archlinux.org/title/WireGuard#Usage

Which operating system(s) are you using?

⤋ Read More
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

I think this is what I was missing in my understanding:

In other words, when sending packets, the list of allowed IPs behaves as a sort of routing table, and when > receiving packets, the list of allowed IPs behaves as a sort of access control list.

This is what we call a Cryptokey Routing Table: the simple association of public keys and allowed IPs.

⤋ Read More
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

@movq@www.uninformativ.de What’s your setup like? How many peers? How are they configured? (if you can share)

⤋ Read More
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

@prologic Hm, I’m afraid I can’t be of much help here. Wireguard always ā€œjust workedā€, I didn’t have the need yet to dig deep into troubleshooting. šŸ¤”

⤋ Read More

After a streak of ugly ā€œmetaā€ sketches working on my naive folder/image browser today I added some improvements, finally got it working from the command line, moved it to the admin_script folder and I’m quite happy with it. Also, I went back to a complementary ā€œmetaā€ idea of using #Python’s #difflib to show sketch code evolution over time…

⤋ Read More
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

Hmmm really not getting this at al šŸ¤¦ā€ā™‚ļø So far things appear to be a bit more stable, but the only changes I made was to assign addresses to peers of the form 172.30.0.X/32 instead of 172.30.0.X/24 and setting AllowedIPs to 0.0.0.0/0 for mobile peers (phones, etc) and X.X.X.X/24, Y.Y.Y.Y/24 for more static peers (remote VMs) where X and Y are the LAN and Wireguard subnets.

⤋ Read More

Hmm when I said ā€œWireguard is kind of coolā€ in this twt now I’m not so sure 😢 I can’t get ā€œstable tunnelsā€ to freak’n stay up, survive reboots, survive random disconnections, etc. This is nuts šŸ¤¦ā€ā™‚ļø

⤋ Read More
In-reply-to » Wireguard is kind of cool šŸ‘Œ

Huh hmm Boring Proxy actually uses SSH under the hood (written in Go) for the tunnelling šŸ¤” Clever, I would have done the same if I hadn’t learned about Wireguard šŸ˜…

⤋ Read More
In-reply-to » Wireguard is kind of cool šŸ‘Œ

@mckinley@twtxt.net Now that I have real experience with Wireguard, I’m seriously thinking about building my own ā€œCloudflareā€ replacement infra šŸ˜… – And commodifying that somehow. Boring Proxy kind of does this too, but I may have a slightly different takes on things šŸ¤”

⤋ Read More

Isto dos Globos de Ouro da autoproclamada televisĆ£o ā€œindependenteā€ poderiam ser algo decente se fossem realmente independentes. Mas tantos dos nomeados que seriam mais merecedores e nĆ£o foram assim comprovam que nĆ£o sĆ£o.

⤋ Read More