"Jason A. Donenfeld" <ja...@zx2c4.com> writes:
> Hey Toke,
> For incoming packets, this would be strange behavior, since it's
> listening on v4 and v6.
Yeah, I think the incoming side is fine (it works over both v4 and v6 as
long as I have connectivity on the other end).
> For outgoing packets, if wireguard thinks it should be sending to a v6
> address, then that's what it will do.
Right, so it's not just me, this doesn't actually work currently. Cool ;)
> One way to fix this would be to re-resolve DNS from userspace, which
> is a bit ugly. Another way would be to simply store the last v4
> address, and fall back to that if it can't establish a route for the
> v6 address. And yet another way -- if simplicity is desired -- would
> be to do nothing (the status quo), and not build legacy semantics into
> something new. Any opinions on this?
While I can appreciate the simplicity of doing nothing, I think seamless
roaming even across v4/v6 is a pretty killer feature to have. It turns
wireguard into a "universal connectivity" tool that you can just enable
and forget about, without having to worry about calls dropping when
I think the idea of configuring both v4 and v6 on startup and caching
them is a reasonable idea. Maybe even configure all available addresses
when doing the initial DNS lookup? Or is that awkward to do?
WireGuard mailing list