Replies: 1 comment 4 replies
-
|
there are a couple of ways to achieve the network connectivity you describe about but as with pure wireguard, BGP would not be used. |
Beta Was this translation helpful? Give feedback.
-
|
Do we have any dynamic way of doing this? Can Plexus help with this? |
Beta Was this translation helpful? Give feedback.
-
|
You could create a second plexus network with cidr of 10.100.100.0/24 and have the 3 machine join that network |
Beta Was this translation helpful? Give feedback.
-
|
So should another tunnel interface be needed to be created on the clients in the 10.100.100.0/24 range? |
Beta Was this translation helpful? Give feedback.
-
correct |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
In my setup, I've two hosts (host1 and host2) that form a Wireguard tunnel between the cloud server (host1 --- cloud server --- host2). Over WireGuard there is a BGP neighborship between host1 and host2 using FRRouting.
Below are the wireguard tunnel interfaces IP addresses:
host1: 10.0.0.3/32
cloud server: 10.0.0.10/24
host2: 10.0.0.4/32
Say on host1, I created a loopback interface that has an IP address of 100.100.100.1/32 and advertised it to host2. I see that host2's routing table has the following entry for the prefix 100.100.100.1/32:
Ping from host2 to 100.100.100.1 didn't work as it doesn't have a tunnel to 10.0.0.3 which is host1.
To address this I added the prefix 100.100.100.1/32 in the list of
AllowedIPsinwg0.confin host2.Now the route points to the wg tunnel interface directly, and the ping worked!
But by doing the above change I feel there is no use of BGP here.
My question is if I use Plexus, will this limitation be taken care of? As Plexus is an agent running in the clients or hosts, will advertisement and route installation or modification be taken care of? @mattkasun
Beta Was this translation helpful? Give feedback.
All reactions