Hello,

I'm attempting to route the WG tunnel traffic (not the inside traffic) on a VRF. I was able to use an ip rule + fwmark to route outgoing packets to the proper VRF, however the incoming traffic *seems* to be rejected due to the UDP socket not being bound to an interface in the VRF.

00:56:35.606766 IP 172.16.16.32.5180 > 45.66.80.144.5180: UDP, length 148
00:56:35.922547 IP 45.66.80.144.5180 > 172.16.16.32.5180: UDP, length 92
00:56:35.922680 IP 172.16.16.32 > 45.66.80.144: ICMP 172.16.16.32 udp port 5180 unreachable, length 128

Is there any workaround you know of?

Would you consider implementing binding to an interface like other tunnel interfaces do? (The infrastructure is already present by using the bind_ifindex field of udp_port_cfg passed to udp_sock_create)

Thank you,
regards,

-- 
Daniele Orlandi
_______________________________________________
WireGuard mailing list
https://lists.zx2c4.com/mailman/listinfo/wireguard
