Wgsd support request

Dear Developer,
Can we let VyOS support wgsd? Then VyOS can support WireGuard Endpoint Discovery and NAT Traversal using DNS-SD. It can let 2 WireGuard nodes behind NAT connect directly.

This is the document; you can have a look:
WireGuard Endpoint Discovery and NAT Traversal using DNS-SD | Jordan Whited

wgsd GitHub page:
jwhited/wgsd: A CoreDNS plugin that provides WireGuard peer information via DNS-SD semantics (github.com)

I am probably missing something here, but how is that different from the current implementation of WireGuard in VyOS?


In the current implementation, 2 hosts can’t communicate if they are both behind NAT.

Even if at least one has port forwarding enabled through their firewall?

Connecting in a star network, as in the drawing above, is basic routing once WireGuard tunnels are established to the central point.

With DNAT, of course it will work.

The main idea is not to use the HUB for traffic forwarding, so peers will communicate with each other without the HUB.
And traffic will flow directly between peers.


How about replacing DNS forwarding with CoreDNS with the wgsd plugin enabled? Then WireGuard will easily support DDNS connections, since wgsd, as a CoreDNS plugin, can put the right dynamic WAN IP into the WireGuard configuration. At the same time, two VyOS devices behind NAT or with a dynamic WAN IP address will be easily connected.

BTW, I always encounter the DNS forwarding no-response issue. All VyOS 1.2 and 1.3 versions have this issue. Currently, I’m trying to replace the DNS forwarder with BIND or other DNS servers. Even with 8 devices as the clients, they still have slow DNS responses or timeout issues.

Not replace, but using CoreDNS in a container is possible.

The performance of the PowerDNS recursor is really slow. Any plan to improve it?