In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts 🤦‍♂️

@movq@www.uninformativ.de I think I misunderstood some aspects of Wireguard as mentioned here, not 100% sure, but so far things are much happier now with assigning /32(s) as Tunnel IP(s) for Peers and being a bit more thoughtful about the AllowedIPs 🤞 I’m only playing around with 3 devices right now, my core router (RouterOS), an Ubuntu 22.04 VM over at Vultr and my iPhone.

⤋ Read More
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts 🤦‍♂️

@prologic@twtxt.net Nothing special, really. 🤔 We have “site-to-site” (a pair of servers) and “point-to-site” (one server, many clients) setups, pretty much the same as described here:

https://wiki.archlinux.org/title/WireGuard#Usage

Which operating system(s) are you using?

⤋ Read More
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts 🤦‍♂️

I think this is what I was missing in my understanding:

In other words, when sending packets, the list of allowed IPs behaves as a sort of routing table, and when > receiving packets, the list of allowed IPs behaves as a sort of access control list.

This is what we call a Cryptokey Routing Table: the simple association of public keys and allowed IPs.

⤋ Read More
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts 🤦‍♂️

@prologic Hm, I’m afraid I can’t be of much help here. Wireguard always “just worked”, I didn’t have the need yet to dig deep into troubleshooting. 🤔

⤋ Read More

After a streak of ugly “meta” sketches working on my naive folder/image browser today I added some improvements, finally got it working from the command line, moved it to the admin_script folder and I’m quite happy with it. Also, I went back to a complementary “meta” idea of using #Python’s #difflib to show sketch code evolution over time…

⤋ Read More
In-reply-to » Hmm when I said "Wireguard is kind of cool" in this twt now I'm not so sure 😢 I can't get "stable tunnels" to freak'n stay up, survive reboots, survive random disconnections, etc. This is nuts 🤦‍♂️

Hmmm really not getting this at al 🤦‍♂️ So far things appear to be a bit more stable, but the only changes I made was to assign addresses to peers of the form 172.30.0.X/32 instead of 172.30.0.X/24 and setting AllowedIPs to 0.0.0.0/0 for mobile peers (phones, etc) and X.X.X.X/24, Y.Y.Y.Y/24 for more static peers (remote VMs) where X and Y are the LAN and Wireguard subnets.

⤋ Read More

Hmm when I said “Wireguard is kind of cool” in this twt now I’m not so sure 😢 I can’t get “stable tunnels” to freak’n stay up, survive reboots, survive random disconnections, etc. This is nuts 🤦‍♂️

⤋ Read More
In-reply-to » Wireguard is kind of cool 👌

Huh hmm Boring Proxy actually uses SSH under the hood (written in Go) for the tunnelling 🤔 Clever, I would have done the same if I hadn’t learned about Wireguard 😅

⤋ Read More
In-reply-to » Wireguard is kind of cool 👌

@mckinley@twtxt.net Now that I have real experience with Wireguard, I’m seriously thinking about building my own “Cloudflare” replacement infra 😅 – And commodifying that somehow. Boring Proxy kind of does this too, but I may have a slightly different takes on things 🤔

⤋ Read More

Isto dos Globos de Ouro da autoproclamada televisão “independente” poderiam ser algo decente se fossem realmente independentes. Mas tantos dos nomeados que seriam mais merecedores e não foram assim comprovam que não são.

⤋ Read More