On Mon, Jul 28, 2025, 02:38 Claudio Jeker <cjeker@diehard.n-r-g.com> wrote:
On Sun, Jul 27, 2025 at 11:51:25PM +0200, Omar Polo wrote:
> Florian Obser <florian@openbsd.org> wrote:
> > RFC 4291 2.1:
> > All interfaces are required to have at least one Link-Local unicast
> > address
>
> thanks for the pointer! Now my question becomes how to add such address
> to a wg(4) device however.
>
> I've tried with a (dumb, but here's all i know) `inet6 autoconf' on the
> wg device, as well as trying to add an address inside fe80::/10 manually
> (inet6 fe80:fdd0::1/64 with or without alias, in hostname.if) to no
> avail.
>
> I mean:
> # ifconfig wg3 create
> # ifconfig wg3 inet6 autoconf
> # ifconfig wg3
> wg3: flags=2480c3<UP,BROADCAST,RUNNING,NOARP,MULTICAST,AUTOCONF6TEMP,AUTOCONF6> mtu 1420
> index 14 priority 0 llprio 3
> wgport 32884
> groups: wg
>
> but if I s/wg3/tap0 I get a fe80::something/64 address on it.
>
>
> > With that in mind, read in6_ifattach() and weep.
>
> ouch!
wg(4) does not repsect any RFC and especially for IPv6 it is very
opinionated. It does not do link local addresses and also does not do
autoconfiguration or neighbor discovery.
--
:wq Claudio
You can definitely manually add a link-local address; I normally use them for routing. I have also run OSPF and BGP over wg (on OpenBSD and Linux). I usually explicitly allow the multicast ranges along with any others. It's always worked fine, no gre needed. I may only have done OSPFv4 with OpenBSD though. I currently do both with Linux.
Server: Ifconfig wg0 fe80::100
Client: Ifconfig wg0 fe80::101
Ping6 fe80::101%wg0
Works fine. True enough about autoconf and ND though.
Sorry about the formatting; never can figure that out on a phone.
No comments:
Post a Comment