On Sun, Nov 05, 2017 at 01:05:18 +0100, Markus Woschank <[email protected]> wrote:
I imaging specifying an endpoint IP for a peer and than discovering that it connected from a different IP may be surprising to some. I generally prefer for things to break if I configure them the wrong way and not work "sometimes" (wrong endpoint IP on one side but the other first initiating the connection most of the time).
Perhaps, but I think you are thinking about the function incorrectly. The peer address shouldn't be looked at as a restriction, but rather as a hint of where to send traffic to reach the peer if no traffic has been received from it. In that light, wg's behavior makes sense. The last IP address the peer was seen at, is normally the best place to look for it later.
_______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
