Re: Why can't a WireGuard interface route packets to itself?

[logothesia <logothesia%disroot.org@localhost>]

> > route(8) for a while, and all my attempts to coax it into inserting a
> > route to an interface in a different subnet than the gateway's so far
> > have failed. 
> 
> route add -iface 
> 
> should work.

Like this? (after deleting the original route)

% sudo route add 10.0.0.1 lo0 -iface
route: lo0: bad value

Honestly, I've never really understood there being, e.g., interface
names or MAC addresses in the gateway column. This works in any case:

% sudo route add 10.0.0.1 127.0.0.1 -iface
add host 10.0.0.1: gateway 127.0.0.1
% ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1): 56 data bytes
64 bytes from 10.0.0.1: icmp_seq=0 ttl=255 time=1.000022 ms
...

I guess I can add that to my config script as a temporary workaround.

> I can reproduce your issue on my wg(4) setup, it is not specific to your
> setup (and I was suprised by the behaviour too).

Good to know! On my linux machines all packets to 10.0.0.0/8 are routed
to wg0, and it figures out what it's supposed to do with them no
questions asked; so the route created in NetBSD doesn't at all surprise
me. I'm not sure what the Right Thing to do here would be, but I think
it would make sense for the WG interface to accept packets for itself.