惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

酷 壳 – CoolShell
酷 壳 – CoolShell
H
Hacker News: Front Page
P
Palo Alto Networks Blog
T
ThreatConnect
Apple Machine Learning Research
Apple Machine Learning Research
博客园_首页
T
True Tiger Recordings
P
Privacy & Cybersecurity Law Blog
B
Blog
IT之家
IT之家
Last Week in AI
Last Week in AI
F
Full Disclosure
Hacker News: Ask HN
Hacker News: Ask HN
C
Comments on: Blog
Microsoft Azure Blog
Microsoft Azure Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Microsoft Security Blog
Microsoft Security Blog
博客园 - 【当耐特】
N
News and Events Feed by Topic
NISL@THU
NISL@THU
腾讯CDC
雷峰网
雷峰网
Security Latest
Security Latest
李成银的技术随笔
M
Microsoft Research Blog - Microsoft Research
L
LangChain Blog
L
Lohrmann on Cybersecurity
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
C
Check Point Blog
Y
Y Combinator Blog
Recent Announcements
Recent Announcements
博客园 - Franky
N
News | PayPal Newsroom
V
V2EX
A
About on SuperTechFans
The Register - Security
The Register - Security
月光博客
月光博客
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google Online Security Blog
Google Online Security Blog
MyScale Blog
MyScale Blog
Cisco Talos Blog
Cisco Talos Blog
Vercel News
Vercel News
WordPress大学
WordPress大学
C
Cyber Attacks, Cyber Crime and Cyber Security
The Hacker News
The Hacker News
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
爱范儿
爱范儿
A
Arctic Wolf
L
LINUX DO - 最新话题
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More

Java不加糖的Blog

DSB in SBG ODE常微分方程总结 Windows分应用跳过管理员弹窗 docker配置wikijs 使用socket代理解决企业微信可信ip问题 PowerShell美化 Kaggle比赛RSNA-2022骨折检测 CloudComPy库安装 Pandas的数据操作 齐次坐标系的理解 NgeNet论文理解 2023年必装的Windows软件
wireguard折腾记录
2023-08-05 · via Java不加糖的Blog

  • 条件: 有一个动态公网ip的服务器(openwrt),NameSilo域名+DDNS

  • 需求:有两个局域网需要打通and有一个无公网ip的机器需要内网传统。

尝试两个wireguard服务器互联

两个服务器都安装wireguard,然后配置好服务器端和客户端,然后两个服务器互联,可以互相ping通。 用ipv6链接,盲猜校园网可以免流。

等等先

解决动态公网ip变更后wireguard无法连接的问题

自动重连、自动更新配置文件、自动更新域名解析

From: https://v2ex.com/t/863087

官网上说是不会自动解析域名,所以配置里面EndPoint填的是域名也没有用。

Endpoint with changing IP After resolving a server's domain, WireGuard will not check for changes in DNS again. If the WireGuard server is frequently changing its IP-address due DHCP, Dyndns, IPv6, etc., any WireGuard client is going to lose its connection, until its endpoint is updated via something like wg set "\(INTERFACE" peer "\)PUBLIC_KEY" endpoint "$ENDPOINT". Also be aware, if the endpoint is ever going to change its address (for example when moving to a new provider/datacenter), just updating DNS will not be enough, so periodically running reresolve-dns might make sense on any DNS-based setup. Luckily, wireguard-tools provides an example script /usr/share/wireguard-tools/examples/reresolve-dns/reresolve-dns.sh, that parses WG configuration files and automatically resets the endpoint address. One needs to run the /usr/share/wireguard-tools/examples/reresolve-dns/reresolve-dns.sh /etc/wireguard/wg.conf periodically to recover from an endpoint that has changed its IP. One way of doing so is by updating all WireGuard endpoints once every thirty seconds[6] via a systemd timer:

1
git clone https://git.zx2c4.com/wireguard-tools /usr/share/wireguard-tools
1
2
3
4
5
6
7
8
9
# sudo vim /etc/systemd/system/wireguard_reresolve-dns.timer
[Unit]
Description=Periodically reresolve DNS of all WireGuard endpoints
[Timer]
OnCalendar=*:*:0/30
[Install]
WantedBy=timers.target
1
2
3
4
5
6
7
8
9
# sudo vim /etc/systemd/system/wireguard_reresolve-dns.service
[Unit]
Description=Reresolve DNS of all WireGuard endpoints
Wants=network-online.target
After=network-online.target
[Service]
Type=oneshot
ExecStart=/bin/sh -c 'for i in /etc/wireguard/*.conf; do /usr/share/wireguard-tools/contrib/reresolve-dns/reresolve-dns.sh "$i"; done'
1
sudo systemctl enable wireguard_reresolve-dns.service wireguard_reresolve-dns.timer --now

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。