On Mon, Jul 28, 2025 at 08:41:40AM +0200, Florian Obser wrote:
> On 2025-07-28 07:25 +02, Claudio Jeker <cje...@diehard.n-r-g.com> wrote:
> > On Sun, Jul 27, 2025 at 11:51:25PM +0200, Omar Polo wrote:
> >> Florian Obser <flor...@openbsd.org> wrote:
> >> > RFC 4291 2.1:
> >> > All interfaces are required to have at least one Link-Local unicast
> >> > address
> >>
> >> thanks for the pointer! Now my question becomes how to add such address
> >> to a wg(4) device however.
> >>
> >> I've tried with a (dumb, but here's all I know) `inet6 autoconf' on the
> >> wg device, as well as trying to add an address inside fe80::/10 manually
> >> (inet6 fe80:fdd0::1/64 with or without alias, in hostname.if) to no
> >> avail.
> >>
> >> I mean:
> >> # ifconfig wg3 create
> >> # ifconfig wg3 inet6 autoconf
> >> # ifconfig wg3
> >> wg3:
> >> flags=2480c3<UP,BROADCAST,RUNNING,NOARP,MULTICAST,AUTOCONF6TEMP,AUTOCONF6>
> >> mtu 1420
> >> index 14 priority 0 llprio 3
> >> wgport 32884
> >> groups: wg
> >>
> >> but if I s/wg3/tap0 I get a fe80::something/64 address on it.
> >>
> >>
> >> > With that in mind, read in6_ifattach() and weep.
> >>
> >> ouch!
> >
> > wg(4) does not respect any RFC and especially for IPv6 it is very
> > opinionated. It does not do link local addresses and also does not do
> > autoconfiguration or neighbor discovery.
> >
>
> Allegedly you can get it to work. One would assume that the wg(4) talks
> about this if it doesn't just work...
>
> Out of idle (or is it morbid?) curiosity I'd like to know if and how you
> get this to work.

The few wg tunnels I run all have a gif inside them because I need ospf
and bgp over them. Since wg doesn't do multicast either you can't run
ospf over a wg tunnel (at least I did not manage when I tried last).
So I just stacked tunnels in tunnels.

Maybe that changed at some point. Some day I may go back and look at
this...

-- 
:wq Claudio