pkg/tcpip/sample/wg_tunnel/config.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116

network:
  version: 2
  renderer: gvisor
  ethernets:
    lo:
      addresses:
      - 127.0.0.1/8
      - ::1/128
      - 10.1.0.1/24
      - 2001:470:de6f:5310::1/64
      routes:
      - to: 10.1.15.0/24
      - to: 2001:470:de6f:531f::/64
  tuntaps:
    tun:
      name: tun1
      mode: tun
      mtu: 1280
#      fd: 0
#      name: tap1
#      mode: tap
      addresses:
      - 10.1.1.2/24
      - 2001:470:de6f:5311::2/64
      nameservers:
        addresses:
          - 8.8.8.8
          - 8.8.4.4
#      routes:
#      - to: 0.0.0.0/0
#        via: 10.1.1.1
#        metric: 200
#      - to: ::/0
#        via: 2001:470:de6f:5311::1
#        metric: 200
      macaddress: aa:00:01:01:02:01

  tunnels:
    tun1:
      mode: udp
      local: 0.0.0.0:10002
      remote: 127.0.0.1:10001
      #FIXME detect MTU
      mtu: 1280 #1500
      addresses:
      - 10.1.2.1/24
      - 2001:470:de6f:5312::1/64
      routes:
#      - to: 0.0.0.0/0
#        via: 10.1.2.2
#        metric: 100
#      - to: ::/0
#        via: 2001:470:de6f:5312::2
#        metric: 100
      macaddress: aa:00:01:01:02:02

  wireguards:
#     wg1:
#       name: wg1
#       addresses:
#       - 10.1.3.2/24
#       - 2001:470:de6f:5313::2/64
#       listen_port: 51820
#       private_key: cCBLRrAKF0oqLua2IGYr6ngQRLdgCSTa8hzDLQvezUI=
#       peers:
#         - public_key: igb6I+JFOEXPN4JjZvSslxNDPQK1/Ofi6310RzH2HAk=
#           endpoint: 10.49.50.1:51820
#           allowed_ips:
#           - 10.1.2.3/32
#           - 0.0.0.0/0
#           - ::/0
# #          persistent_keepalive: 3600
#       nameservers:
#         addresses:
#           - 8.8.8.8
#           - 8.8.4.4
#       routes:
#       - to: 0.0.0.0/0
#         via: 10.1.3.1
#         metric: 100
#         mark: 1
#         mask: 255
#       - to: ::/0
#         via: 2001:470:de6f:5313::1
#         metric: 100
#         mark: 1
#         mask: 255
#       macaddress: aa:00:01:01:02:03

    wg2:
      name: wg2
      addresses:
      - 10.49.124.111/32
      - 2001:470:dfae:6300::111/128
      - 2001:470:dfae:6300::1:111/128
      - fe80::111/64
      listen_port: 51820
      private_key: cCBLRrAKF0oqLua2IGYr6ngQRLdgCSTa8hzDLQvezUI=
      peers:
        - public_key: 5Q5KIFIeskMh/QanwH9/5lHQ9NhWBsY16kwaS0ELQyg=
          endpoint: 10.49.50.215:51820
          allowed_ips:
          - 2001:470:dfae:6300::1:3/128
          - ::/0
          - 0.0.0.0/0
          persistent_keepalive: 3600
      nameservers:
        addresses:
          - 8.8.8.8
          - 8.8.4.4
      routes:
      - to: 10.49.124.0/24
      - to: 0.0.0.0/0
      - to: ::/0
      - to: 2001:470:dfae:6300::/64
      macaddress: aa:00:01:01:02:04