On P, 2020-04-05 at 19:43 -0400, Reid Rankin wrote: > However, I've taken it one step further, by using > cryptographically-generated addresses; each peer automatically gets > fe80:(truncated hash of pubkey)/128 stuck in its allowed IP list. > (I'm considering harmonizing this address generation algorithm with > RFC3972 in the future.) This means that initiating the protocol > requires no configuration other than the public key of the peer you'd > like to contact.
While back there was a tool posted to this mailing list[0] that generated WireGuard IP aadresses from the public key called wg-ip[1]. It would simplify things if that or some other link-local IP genration algorithm would get integrated into wg-quick toolset. I have also written a Python version of wg-ip generation algorithm that might me slightly easier to read[2]. [0] https://lists.zx2c4.com/pipermail/wireguard/2018-April/002593.html [1] https://github.com/chmduquesne/wg-ip [2] https://gist.github.com/artizirk/c91e4f8c237dec07e3ad1b286f1855a7
