Community discussions

MikroTik App
 
mmlea
just joined
Topic Author
Posts: 7
Joined: Sun Nov 08, 2020 12:56 am

Wireguard wgsd-client plugin

Fri Nov 13, 2020 12:11 pm

Hello Guys

Feature request for Wireguard in Mikrotik

Maybe some of you know wgsd-client,

What is it ?

-wgsd-client is responsible for keeping peer endpoint configuration up to date.
-It retrieves the list of configured peers, queries wgsd for matching public keys, and then sets the endpoint value for each peer if needed.
-This client is intended to be run periodically via cron or similar scheduling mechanism.
-It checks all peers once in a serialized fashion and then exits.

Here the source for it in go lang
https://github.com/jwhited/wgsd/tree/ma ... gsd-client

This way whould be possible to use wireguard on mikrotik to connect two networks behind cgnat point to point.
This wgsd-client will keep up peer informations retrieved from a registry Coredns server that helps point A to connect to point B directly

Here some more information about it for the most entusiasts:

https://www.jordanwhited.com/posts/wire ... traversal/
Thanks to jordan whited for his study.

Grettings to all.
 
Sob
Forum Guru
Forum Guru
Posts: 6484
Joined: Mon Apr 20, 2009 9:11 pm

Re: Wireguard wgsd-client plugin

Fri Nov 13, 2020 9:24 pm

Interesting, but unlikely to be directly supported in RouterOS. Problem is, it's just one possible solution, nothing standard, so why implement this one and not something else?

On the other hand, the idea is extremely simple, something that could be easily done with script, if there were required functions. All you need is ability to resolve SRV records and work with data, and base32/64 conversions. AFAIK current RouterOS scripting has none of those, but I'd definitely support request to add them, because it could be useful for many other things.

In case you don't need exactly this and only something like this, you can replace dns with http and then it could be doable even with what RouterOS scripting can do now. And even if you do need compatibility with this, you could easily add http as kind of proxy for RouterOS clients.
Excessive quoting is useless and annoying. If you use it, please consider if you could do without it.

Who is online

Users browsing this forum: ropeguru and 13 guests