On Tue, Mar 6, 2018 at 11:14 PM, Jason A. Donenfeld <ja...@zx2c4.com> wrote:
> On Tue, Mar 6, 2018 at 11:08 PM, Toke Høiland-Jørgensen <t...@toke.dk> wrote:
>> I think the idea of configuring both v4 and v6 on startup and caching
>> them is a reasonable idea. Maybe even configure all available addresses
>> when doing the initial DNS lookup? Or is that awkward to do?
> You mean taking one v4 and one v6? That's probably possible. Since
> getaddrinfo has complicated ordering logic, this would probably be best
> expressed as something like "endpoint" and "secondary endpoint" when
> told by userspace, with them then being swapped when the FIB complains
> about trying to route to one of them.
A slight simplification/generalization would be to define a peer in
terms of an ordered C-list of IP addresses (whether v4 or v6), 0 or
more (currently 0 or 1 IP+port).
Then sending will try the first and move to the next, possibly adding
a "bad score", until one of the endpoints is reachable; then keep using
it until it fails again.
Those IP addresses may come from, say, the A records of a certain host (this
is not WG land anyway), slapping a default port at the back.
Add a fat warning that the more unreachable IP addresses you add, the
more delays will be introduced.
(of course, to make things simple, a peer is defined as knowing the
secret key; changing IPs, and ports and allowed_ips does not matter)
Another GSoC idea, LoL.
WireGuard mailing list
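The ordered endpoint list with failover sketched in the message above, written out as an added Go example (not WireGuard code and not from the thread): candidates are tried in order, each miss bumps that address's "bad score" and rotates to the next one, and the first address that accepts stays current until it fails again. The `ip`/`ip:port` parsing with a default port, the `Send` callback shape and the `EndpointList` type are assumptions of this example; any addresses fed to it in tests are constructed documentation ranges.

```go
package main

import (
	"errors"
	"net/netip"
)

// Endpoint is one candidate address for a peer plus its "bad score" (misses seen).
type Endpoint struct {
	Addr  netip.AddrPort
	Score int
}

// EndpointList is a peer's ordered candidates (v4 or v6) and the index in use.
type EndpointList struct {
	Cands []Endpoint
	cur   int
}

// NewEndpointList parses "ip" or "ip:port" strings in priority order,
// slapping defaultPort onto any entry that carries no port.
func NewEndpointList(addrs []string, defaultPort uint16) (*EndpointList, error) {
	l := &EndpointList{}
	for _, s := range addrs {
		ap, err := netip.ParseAddrPort(s)
		if err != nil {
			a, err2 := netip.ParseAddr(s)
			if err2 != nil {
				return nil, errors.New("bad endpoint: " + s)
			}
			ap = netip.AddrPortFrom(a, defaultPort)
		}
		l.Cands = append(l.Cands, Endpoint{Addr: ap})
	}
	return l, nil
}

// Send tries the current endpoint, then each following one once; the first that
// accepts stays current until it fails again. Each miss costs a round of delay.
func (l *EndpointList) Send(try func(netip.AddrPort) error) (netip.AddrPort, error) {
	for range l.Cands {
		ep := &l.Cands[l.cur]
		if try(ep.Addr) == nil {
			return ep.Addr, nil
		}
		ep.Score++                         // bad score for this miss
		l.cur = (l.cur + 1) % len(l.Cands) // rotate; a recovered address is retried later
	}
	return netip.AddrPort{}, errors.New("all endpoints unreachable")
}
```

With an empty list `Send` simply reports that nothing is reachable, and the per-miss rotation is what makes a long tail of dead addresses expensive, as the message warns.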