Re: WireGuard-p2p: A tool for NAT traversal

["Manuel Schölling" <manuel.schoelling@gmx.de>]

Hi Jason,

On Fri, 2017-09-22 at 03:11 +0200, Jason A. Donenfeld wrote:
> Looks like you rewrote this project from python into rust. Cool!
Yes, it was about time. It took quite a while but I think it was worth
while.

> I'd be interested to learn what's new, what's changed, and what's up
> in general. I always thought this was a pretty neat idea.
>From the functional point of view there is not a lot of change.
You can
 A) exchange your public keys using wireguard-p2p (publish & search
modes)
 B) setup a wireguard peer-to-peer connection


A) Exchange public keys
-----------------------
You can simply choose a name for your computer (e.g. alice_laptop) and
then bob can search for it:

   on Alice's computer: $ cargo run publish wg0 alice_laptop
   on Bob's computer: $ cargo run search alice_laptop
                      => lists Alice's public key on Bob's console


B) peer-to-peer connection
--------------------------
Just setup your wireguard connections (/etc/wireguard/*.conf files) as
usual but you can leave out the Endpoint.
Add the device and the public keys of the corresponding peers to
/etc/wireguard-p2p.conf like this:

[wg0]
Peer1=<bobs_public_key>

Now start wireguard-p2p using
$ cargo run daemon

wireguard-p2p will try to determine your IP/port using STUN, publish it
in a distributed-hash-table (bulletinboard-dht) and will try to lookup
Bob's IP/port in the distributed-hash-table, too.
If it finds Bob's IP/port, it will proxy data between Alice and Bob.


It's not perfect, yet, but if you guys find some issues, let me know!

Bye,

Manuel