chrono <chr...@open-resource.org> writes:

>> [ ... ]
>>
>> just to be sure that wireguard is not the problem here, how do your
>> AllowedIPs look within the wireguard config?
>>
>> Maybe it does not allow traffic of the routers?
>
> That may be so, currently I only have each opposite site in there
>
> AllowedIPs = 172.23.3.1/32 (on 172.23.3.2)
> AllowedIPs = 172.23.3.2/32 (on 172.23.3.1)
>
> During my prior tests it started to try to route
> everything down via wg0 when I tried to add
> 192.168.148.0/24 or 192.168.184.0/24 as soon
> as the tunnel got up.
>
> How should wg config be set up for this, so that it
> doesn't interfere with BIRD routing?
> I've tried to find any working example with
> BIRD and WG on the net but there was nothing really :/

You need to set AllowedIPs to 0.0.0.0/0 on both sides. That way
wireguard will pass all traffic through (that only works for p2p links
with only two peers, obviously).

In your current setup, wireguard won't pass the OSPF multicast traffic,
so you will see no neighbour associations. And even if you did, bird
doesn't know how to amend AllowedIPs for wireguard, so it won't work.
However, with the p2p config and 0.0.0.0/0 in AllowedIPs things should
work.

There is a Wireguard GSOC project to add AllowedIP awareness to Bird,
BTW, so in the future things may be easier :)

-Toke
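
Why the /32 entries block OSPF while 0.0.0.0/0 does not, as an added example that is not part of the original message: a small Python model of WireGuard's AllowedIPs checks (longest-prefix match on the destination for outbound packets, source check for inbound ones). The class and function names are hypothetical, and 192.168.148.10 is a constructed host assumed to sit behind the remote router.

```python
import ipaddress

OSPF_ALL_ROUTERS = "224.0.0.5"  # AllSPFRouters, destination of OSPF hello packets

class Peer:
    """Hypothetical model of one WireGuard peer and its AllowedIPs list."""
    def __init__(self, name, allowed_ips):
        self.name = name
        self.allowed = [ipaddress.ip_network(n) for n in allowed_ips]

    def best_match(self, addr):
        """Prefix length of the most specific AllowedIPs entry covering addr, or -1."""
        ip = ipaddress.ip_address(addr)
        return max((n.prefixlen for n in self.allowed
                    if n.version == ip.version and ip in n), default=-1)

def egress_peer(peers, dst):
    """Outbound: the peer is chosen by longest-prefix match on dst; None means dropped."""
    best = max(peers, key=lambda p: p.best_match(dst), default=None)
    return best if best is not None and best.best_match(dst) >= 0 else None

def ingress_ok(peer, src):
    """Inbound: a decrypted packet is kept only if src is in the sender's AllowedIPs."""
    return peer.best_match(src) >= 0

def report(label, allowed_ips):
    """Evaluate, on 172.23.3.1, the three packets that matter for OSPF over wg0."""
    peer = Peer("remote", allowed_ips)
    return {
        "config": label,
        # hello sent by the local BIRD to 224.0.0.5
        "ospf_hello_out": egress_peer([peer], OSPF_ALL_ROUTERS) is not None,
        # hello received from the remote tunnel address
        "ospf_hello_in": ingress_ok(peer, "172.23.3.2"),
        # forwarded packet from a host behind the remote router (constructed address)
        "routed_lan_in": ingress_ok(peer, "192.168.148.10"),
    }

if __name__ == "__main__":
    for label, ips in [("current /32", ["172.23.3.2/32"]), ("p2p 0.0.0.0/0", ["0.0.0.0/0"])]:
        print(report(label, ips))
```

With 0.0.0.0/0 the per-peer source check accepts any inner IPv4 source, so restricting what the other side may send has to be done in the firewall or in BIRD's import filters.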