As we've found out, WireGuard aims to use IP addresses instead of IPs and FQDNs, which was possible in older releases of VyOS and also WireGuard.
To give back the ability to use FQDNs (which was possible in the past until "T2206 Split WireGuard endpoint into proper host and port nodes" in Dec. 2020 and which, in my and others' opinion, is used by some users like me who stick with dynamic IPs from their ISP), maybe an option could be created as follows:
set interfaces wireguard wg0 peer domain 'xxx.abcd.de'
set interfaces wireguard wg0 peer domain update-frequency (e.g. 30s, 1m, 1h, 1d)
To not conflict with
set interfaces wireguard wg0 peer address 'xx.xx.xx.xx'
only one option, address or domain, should be possible at a time on a per-peer basis.
An implementation for this need is already in place in WireGuard's wireguard-tools, which is called by a cron job on a regular basis: https://git.zx2c4.com/wireguard-tools/tree/contrib/reresolve-dns/reresolve-dns.sh
This missing functionality, which has been removed by only allowing IPs in WireGuard and thus in VyOS's implementation, is a showstopper for my current and upcoming deployments and, as I've read on the Phabricator, also for others.
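
The behaviour requested above, sketched as an added example that is not part of the original post and is not VyOS or wireguard-tools code: it checks the address/domain exclusivity rule, parses the proposed update-frequency values, and works out which `wg set ... endpoint` calls a periodic job would have to issue. The dictionary layout, the `port` key, the function names and the IPv4-only resolver are assumptions made for illustration.

```python
import re
import socket

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400}

def parse_frequency(text):
    """Convert the proposed update-frequency value ('30s', '1m', '1h', '1d') to seconds."""
    m = re.fullmatch(r"([1-9]\d*)([smhd])", text)
    if not m:
        raise ValueError(f"invalid update-frequency: {text!r}")
    return int(m.group(1)) * UNITS[m.group(2)]

def validate_peer(peer):
    """The post's rule: exactly one of 'address' or 'domain' per peer."""
    if ("address" in peer) == ("domain" in peer):
        raise ValueError("set exactly one of 'address' or 'domain' on a peer")

def resolve_ipv4(host):
    """First A record for host (IPv4 only, to keep the sketch short)."""
    return socket.getaddrinfo(host, None, socket.AF_INET)[0][4][0]

def plan_updates(iface, peers, endpoints_dump, resolve=resolve_ipv4):
    """Return the `wg set` argv lists needed to follow DNS changes.

    endpoints_dump is the text printed by `wg show <iface> endpoints`
    (one 'public-key<TAB>ip:port' line per peer).
    """
    current = dict(l.split("\t", 1) for l in endpoints_dump.splitlines() if l)
    cmds = []
    for pubkey, peer in peers.items():
        validate_peer(peer)
        if "domain" not in peer:
            continue  # peers with a static address are never touched
        wanted = f"{resolve(peer['domain'])}:{peer['port']}"
        if current.get(pubkey) != wanted:
            cmds.append(["wg", "set", iface, "peer", pubkey, "endpoint", wanted])
    return cmds

# Constructed sample data (placeholder keys, documentation-range IPs).
PEERS = {
    "PEER_A_PUBKEY=": {"domain": "xxx.abcd.de", "port": 51820},
    "PEER_B_PUBKEY=": {"address": "192.0.2.10", "port": 51820},
}
DUMP = "PEER_A_PUBKEY=\t198.51.100.7:51820\nPEER_B_PUBKEY=\t192.0.2.10:51820\n"

if __name__ == "__main__":
    # Stub resolver: pretend the ISP handed peer A a new address.
    for cmd in plan_updates("wg0", PEERS, DUMP, resolve=lambda h: "198.51.100.9"):
        print(" ".join(cmd))
```

Only the endpoint moves here; the peer is still authenticated by its public key, so a wrong DNS answer can interrupt the tunnel but cannot substitute a different peer.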