Re: Question about wg(4)

To: Konrad Schroder <perseant%hhhh.org@localhost>
Subject: Re: Question about wg(4)
From: Martin Husemann <martin%duskware.de@localhost>
Date: Fri, 19 Sep 2025 08:14:33 +0200

On Thu, Sep 18, 2025 at 05:14:50PM -0700, Konrad Schroder wrote:
> I can think of three solutions to this: (A) fiddle DNS for 10.0.0.0/24 so
> that the machines there contact B at 10.0.1.1, and don't know its public
> address; (B) set up NAT on A so that packets originating on 10/24 are
> rewritten to have a source address of 10.0.1.0; or (C) configure B with a
> second IP address, and bind wg0 to that second address.

I have played with a caching DNS resolver behind the wg network with a
special view for this case (in a setup where other hidden servers were
reachable via the tunnel and it was not just a single IP that needed
overriding), and in simpler setups just used /etc/hosts overriding the
public address and pointing to the wg-internal address.

Martin

References:
- Question about wg(4)
  - From: Konrad Schroder

Prev by Date: Question about wg(4)
Next by Date: Re: Question about wg(4)
Previous by Thread: Question about wg(4)
Next by Thread: Re: Question about wg(4)
Indexes:

Home | Main Index | Thread Index | Old Index