Wireguard with Dynamic IP / Dynamic DNS setup

General questions
#1

Is there a way to get wireguard running on vyos with a dynamic IP / DNS endpoint?
I have a working openvpn setup with a dynamic IP by setting remote-host to a hostname kept up to date with dynamic dns updates, but want to switch to wireguard.
As far as I can tell, the wireguard setup in vyos only accepts ip addresses under the peer setting. Is this correct?

vyos@vyos# set interfaces wireguard wg0 peer peer0 address foo.bar
Invalid value
Value validation failed
Set failed

Curious if anybody can help me get this configuration working.Thanks

#2

No, more details Wireguard Doesn't Allow use of DNS for Remote Peer Endpoint

#3

This works as long as one end is static.
Then on the static site you omit the address/port config.
On the dynamic site you set a persistent-keepalive to keep the static site up2date with your current dynamic ip.

#4

I had searched before asking, but apparently not well enough.
Thanks for the information.

#5

You do know that this works fine in EdgeOS? If it works there it seems like it should be able to be made to work in Vyos.

This actually makes Vyos unusable for me.

#6

It’s an upstream issue, in fact wireguard don’t support mechanism of dynamic addresses by itself.
Of course you/we can use any workaround with cron/script/custom_daemon_checker
And it will work up to some point.
But it is not a production solution.
If you have any ideas or suggestions, we are always happy to discuss it.
Maybe together we will find the right solution for the implementation.

1 Like
#7

I think I may have misunderstood the situation.

Having a cron job to periodically resolve the domain name is a perfectly good solution - I’ve been using that approach on edgeos for years without any problems . Having something like this in crontab for each tunnel solves my problem:

*/1 * * * * root /config/scripts/update-wg2.sh

#8

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.