If Wireguard let you configure a list of allowed keys for a peer (instead of a single key) that would be a logical solution without much extra complexity at all I imagine.
On Thu, Jan 3, 2019 at 2:39 PM Edward Vielmetti <[email protected]> wrote: > A little thought experiment which I haven't tried yet. > > Using anycast, a single IP address can be routed to multiple machines in a > data center or around the world. > > Is it at all possible that anycast and Wireguard would play together > nicely? In particular, is it plausible that you could give a client an > anycast address of a server to use as its endpoint, and that when it picked > the correct / closest one that it would do the right thing? > > The naive approach would be to have all of the anycast devices share the > same private/public key pair, but that has a bad smell. And I don't know > what would happen if your routing changed in mid-connection. > > (anycast is the technology used to give name servers a single global > address, like Google's 8.8.8.8 DNS) > > -- > Edward Vielmetti +1 734 330 2465 > [email protected] > > _______________________________________________ > WireGuard mailing list > [email protected] > https://lists.zx2c4.com/mailman/listinfo/wireguard >
_______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
