On 2020/10/29 23:08, Pierre Emeriaud wrote:
> Le jeu. 29 oct. 2020 à 21:03, Stuart Henderson <stu@spacehopper.org> a écrit :
> >
> > Which DNS server do you have bound on 53?
>
> unwind
>
>
> > > Is there a reason why wg needs such a large bind?
> >
> > Unless/until it gets an option to bind to a specific IP that's all it
> > can sanely do. It would definitely be useful IMO.
>
> This is maybe where it starts to make sense. By binding INADDR_ANY,
> this allows wg to accept incoming packets whichever interface they
> came from. Maybe to mimic what is done with other tunnels/protocols
> operating at L3, while still operating at L4.
Incoming is one side of it. The other side is the address used for
outgoing packets - on a multihomed system it's quite common to bind
to a specific port to get the correct source address (which can
easily vary between different services running on a machine).
No comments:
Post a Comment