1 files changed, 116 insertions, 0 deletions

diff --git a/pkg/tcpip/sample/wg_tunnel/config.yaml b/pkg/tcpip/sample/wg_tunnel/config.yaml
new file mode 100644
index 000000000..7a0c250dc
--- /dev/null
+++ b/pkg/tcpip/sample/wg_tunnel/config.yaml
@@ -0,0 +1,116 @@
+network:
+  version: 2
+  renderer: gvisor
+  ethernets:
+    lo:
+      addresses:
+      - 127.0.0.1/8
+      - ::1/128
+      - 10.1.0.1/24
+      - 2001:470:de6f:5310::1/64
+      routes:
+      - to: 10.1.15.0/24
+      - to: 2001:470:de6f:531f::/64
+  tuntaps:
+    tun:
+      name: tun1
+      mode: tun
+      mtu: 1280
+#      fd: 0
+#      name: tap1
+#      mode: tap
+      addresses:
+      - 10.1.1.2/24
+      - 2001:470:de6f:5311::2/64
+      nameservers:
+        addresses:
+          - 8.8.8.8
+          - 8.8.4.4
+#      routes:
+#      - to: 0.0.0.0/0
+#        via: 10.1.1.1
+#        metric: 200
+#      - to: ::/0
+#        via: 2001:470:de6f:5311::1
+#        metric: 200
+      macaddress: aa:00:01:01:02:01
+
+  tunnels:
+    tun1:
+      mode: udp
+      local: 0.0.0.0:10002
+      remote: 127.0.0.1:10001
+      #FIXME detect MTU
+      mtu: 1280 #1500
+      addresses:
+      - 10.1.2.1/24
+      - 2001:470:de6f:5312::1/64
+      routes:
+#      - to: 0.0.0.0/0
+#        via: 10.1.2.2
+#        metric: 100
+#      - to: ::/0
+#        via: 2001:470:de6f:5312::2
+#        metric: 100
+      macaddress: aa:00:01:01:02:02
+
+  wireguards:
+#     wg1:
+#       name: wg1
+#       addresses:
+#       - 10.1.3.2/24
+#       - 2001:470:de6f:5313::2/64
+#       listen_port: 51820
+#       private_key: cCBLRrAKF0oqLua2IGYr6ngQRLdgCSTa8hzDLQvezUI=
+#       peers:
+#         - public_key: igb6I+JFOEXPN4JjZvSslxNDPQK1/Ofi6310RzH2HAk=
+#           endpoint: 10.49.50.1:51820
+#           allowed_ips:
+#           - 10.1.2.3/32
+#           - 0.0.0.0/0
+#           - ::/0
+# #          persistent_keepalive: 3600
+#       nameservers:
+#         addresses:
+#           - 8.8.8.8
+#           - 8.8.4.4
+#       routes:
+#       - to: 0.0.0.0/0
+#         via: 10.1.3.1
+#         metric: 100
+#         mark: 1
+#         mask: 255
+#       - to: ::/0
+#         via: 2001:470:de6f:5313::1
+#         metric: 100
+#         mark: 1
+#         mask: 255
+#       macaddress: aa:00:01:01:02:03
+
+    wg2:
+      name: wg2
+      addresses:
+      - 10.49.124.111/32
+      - 2001:470:dfae:6300::111/128
+      - 2001:470:dfae:6300::1:111/128
+      - fe80::111/64
+      listen_port: 51820
+      private_key: cCBLRrAKF0oqLua2IGYr6ngQRLdgCSTa8hzDLQvezUI=
+      peers:
+        - public_key: 5Q5KIFIeskMh/QanwH9/5lHQ9NhWBsY16kwaS0ELQyg=
+          endpoint: 10.49.50.215:51820
+          allowed_ips:
+          - 2001:470:dfae:6300::1:3/128
+          - ::/0
+          - 0.0.0.0/0
+          persistent_keepalive: 3600
+      nameservers:
+        addresses:
+          - 8.8.8.8
+          - 8.8.4.4
+      routes:
+      - to: 10.49.124.0/24
+      - to: 0.0.0.0/0
+      - to: ::/0
+      - to: 2001:470:dfae:6300::/64
+      macaddress: aa:00:01:01:02:04