(1) DNS RERESOLVE!
Note: in the ref thread (linked below), it is clear that there is an issue with WireGuard when the SERVER IP changes, and typically this can be due to use of mynetname.net or any DYNDNS URL.
It is so common that in the Linux world they have a reresolve DNS script, and Procustodibus has produced their ReResolve Agent.
https://git.zx2c4.com/wireguard-tools/t ... lve-dns.sh
https://www.procustodibus.com/blog/2021 ... endpoints/
(ref thread - viewtopic.php?p=920886#p920886)
Looking to see if embedding this functionality within the Router, working alongside the WireGuard protocol, would make sense for MT to include. Something like:
If Client unable to reach Server (after user selectable keep alive attempts), instead of next keep alive attempt or simply Stopping,
THEN reresolve associated endpoint address.
THEN attempt another cycle of keep alives, if not accepted
THEN reattempt reresolve associated endpoint addresses.
USER selectable attributes.
a. use reresolve function Y/N (or checkbox on interface setting of WireGuard or at DNS servers)
b. number of keep alives before attempting reresolve (available range 2-5?)
c. number of reresolve attempts (available range 1-3?)
In this kind of smart approach, no additional home-grown script or agents would be required!
(2) CREATING IP Routes for Allowed IPs.
In the Linux world and associated APPS for WireGuard there is software that automatically creates IP routes for Allowed IPs.
Is this something worth considering to implement automatically for MT software? I cannot see it hurting.
USER SETTINGS
a. (on Peer allowed IP settings for each peer) add IP routes Y/N
Outcome: IP routes would be created (DAC I suppose) for all IPs within allowed IP addresses for that peer.
The code should ignore any allowed IPs that also match the IP ADDRESS structure of the WireGuard interface as defined by the admin under /ip address.
(no need for duplicates).
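
The route selection proposed in (2), as an added example that is not part of the original post and is not MikroTik or WireGuard code. It assumes "match" means the allowed IP falls inside a network already connected through the interface's /ip address entry; the function names, peer names and addresses are constructed, and setting a 0.0.0.0/0 or ::/0 entry aside for manual review instead of installing it is a choice made for this example.

```python
import ipaddress

def routes_for_peer(interface_addresses, allowed_ips):
    """Split one peer's Allowed IPs into (routes_to_add, needs_review).

    Entries already covered by a connected network of the WireGuard
    interface are dropped, since the address entry provides that route.
    """
    connected = [ipaddress.ip_interface(a).network for a in interface_addresses]
    routes, review = [], []
    for entry in allowed_ips:
        # strict=False normalises entries written with host bits set.
        net = ipaddress.ip_network(entry.strip(), strict=False)
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if any(net.version == c.version and net.subnet_of(c) for c in connected):
            continue
        # A default route would also capture traffic to the peer's own
        # endpoint, so it is reported rather than installed (assumption).
        target = review if net.prefixlen == 0 else routes
        if str(net) not in target:
            target.append(str(net))
    return routes, review

def build_plan(interface_addresses, peers):
    """Map each peer name to its (routes_to_add, needs_review) pair."""
    return {name: routes_for_peer(interface_addresses, ips)
            for name, ips in peers.items()}

# Constructed sample data: one interface address and two peers.
WG_ADDRESSES = ["10.10.0.1/24"]
PEERS = {
    "site-a": ["10.10.0.2/32", "192.168.88.0/24"],
    "site-b": ["10.10.0.3/32", "192.168.50.1/24", "192.168.50.0/24",
               "fd00:50::/64", "0.0.0.0/0"],
}

if __name__ == "__main__":
    for peer, (routes, review) in build_plan(WG_ADDRESSES, PEERS).items():
        print(peer, "add:", routes, "review:", review)
```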