2017-08-10 22:29 GMT+08:00 Jason A. Donenfeld <ja...@zx2c4.com>: > Hi Wang, > > Did you have any luck reproducing this with the netns.sh script?
I managed to test with dummy interface but things are not as expected. I think it's because my test case patch is not equvalent to my real setup. I was building a more complex test case that mimics my real setup, but got stuck on other things and got no progress by now. It seems that you have figured out what the scenario is and how to deal with it. IMHO, you have several options 1. Use request's destination address as reply source address, inject the packet, then let kernel routing code do the left work, because a policy route is installed anyway 2. like 1, but your code lookup routing table and search best route for reply source address 3. provide config option that ListenAddress can be specified. You just use it/them to check against request packet's dest address, and inject the reply packet. (Disclaimer: I haven't looked into your code related to routing due to time constraint, so my opinions may be totally wrong) I understand that you prefer 0.0.0.0 for most flexible, thus option 3 is not convicing. BTW: finished test case is attached anyway.
Description: Binary data
_______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard