On 2019-05-11, Henning Reich <[email protected]> wrote: > No, I think its correct behaviour. > If you have overlapping networks the more specific route is preferred. > 10.10.10.0/24 overrule 10.10.0.0/16. > If the subnets are the same, the last one is the more specific (because > most recent one) and should be used.
But none of the AllowedIPs is "more specific" -- they're all /32. In addition, the preferred one is the last one in the config file (presumably because it gets configured last) even if you use more specific route earlier in the config. > And in germany, we say (literal translation): You're allowed to shoot > yourself in the knee. (to be self-defeating) :-) In English we say "shooting yourself in the foot" (hence a "foot-gun"). But I'd argue that you should avoid designing foot-guns when possible. -- Aleksa Sarai Senior Software Engineer (Containers) SUSE Linux GmbH <https://www.cyphar.com/>
signature.asc
Description: PGP signature
_______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
