by tssva 2379 days ago
While I agree that handling the needs of the simple base VPN case easily is important, I think that could have been done without complicating things for the more advanced uses.

The areas where WireGuard is clever versus simple are where the complexity for advanced scenarios has crept in. If the protocol had implemented a mapping of peers to interfaces or sub-interfaces, left IP filtering purely to the system firewall, and depended upon system routing capabilities, it would be less complex to use in more advanced scenarios and need not be more complex in simple scenarios.

In simple scenarios wg-quick could have been responsible for the needed routing and firewall changes. It already makes some routing and DNS configuration changes.