by georgyo 2245 days ago
Load balancing UDP isn't too difficult. However that is not the hard part here. It is ensuring the routing happens correctly.

A client must hard code its IP address currently, which means if it can connect to more than one node, then it is unclear which path a response from a server should take to get back to that client. Each VPN instance could run NAT, but then users would never be able to talk to each other.

WireGuard makes this significantly harder than, say, IPsec. WG has nothing to indicate when a client connects. And there is no dead peer detection, so you cannot tell when a client disconnects. I.e., scripting something to update a global routing table to say which server has which client is near impossible.

I use WireGuard daily for personal stuff. However I cannot think of how I would make it work in an active-active situation besides NAT, which I don't want.

1 comment
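As an added illustration (not code from the thread or from the WireGuard project), one piece of bookkeeping for the problem georgyo describes: WireGuard emits no connect or disconnect event, but `wg show <iface> dump` does expose each peer's latest handshake time, which a script on every node can poll to decide which client prefixes that node should currently announce and which to withdraw. The dump text below is a constructed sample with placeholder keys, and the 180 s staleness threshold is an assumption.

```python
# Constructed sample of `wg show wg0 dump` (tab-separated; keys are placeholders, not real keys).
# First line describes the interface; each following line is one peer:
# pubkey  preshared-key  endpoint  allowed-ips  latest-handshake  rx  tx  persistent-keepalive
NOW = 1_700_000_000  # fixed "current time" so the sample is reproducible
SAMPLE_DUMP = "\n".join([
    "\t".join(["IFACE_PRIVKEY", "IFACE_PUBKEY", "51820", "off"]),
    "\t".join(["PEER_A_PUBKEY", "(none)", "198.51.100.10:41000", "10.0.0.2/32", str(NOW - 30), "4096", "8192", "25"]),
    "\t".join(["PEER_B_PUBKEY", "(none)", "203.0.113.7:53999", "10.0.0.3/32,10.0.1.0/24", str(NOW - 600), "100", "200", "off"]),
    "\t".join(["PEER_C_PUBKEY", "(none)", "(none)", "10.0.0.4/32", "0", "0", "0", "off"]),
])
STALE_AFTER = 180  # seconds; assumed threshold (WireGuard rekeys about every 2 min while traffic flows)


def parse_wg_dump(dump: str) -> list:
    """Parse `wg show <iface> dump` text into a list of peer dicts (the interface line is skipped)."""
    peers = []
    for line in dump.strip().splitlines()[1:]:
        fields = line.split("\t")
        if len(fields) < 8:
            continue  # malformed line; ignore rather than guess
        pubkey, _psk, endpoint, allowed, handshake, rx, tx, _keepalive = fields[:8]
        peers.append({
            "pubkey": pubkey,
            "endpoint": endpoint,
            "allowed_ips": [a for a in allowed.split(",") if a and a != "(none)"],
            "latest_handshake": int(handshake),  # unix seconds; 0 means never handshook
            "rx": int(rx),
            "tx": int(tx),
        })
    return peers


def present_prefixes(peers: list, now: int, stale_after: int = STALE_AFTER) -> dict:
    """Map allowed-ip prefix -> peer pubkey for peers whose last handshake is recent enough
    to treat them as currently reachable through this node. Peers with no handshake
    or a stale one are left out; their return traffic would be misrouted via this node."""
    present = {}
    for p in peers:
        if p["latest_handshake"] > 0 and now - p["latest_handshake"] <= stale_after:
            for prefix in p["allowed_ips"]:
                present[prefix] = p["pubkey"]
    return present


def route_diff(previous: set, current: set) -> tuple:
    """Compare the prefixes announced on the last poll with the current ones and
    return (to_announce, to_withdraw) for whatever routing mechanism the node feeds."""
    return current - previous, previous - current


if __name__ == "__main__":
    peers = parse_wg_dump(SAMPLE_DUMP)
    current = set(present_prefixes(peers, NOW))
    print("announce/withdraw:", route_diff({"10.0.0.5/32"}, current))
```

Polling handshake age is a heuristic, not a disconnect signal: a quiet peer looks stale even though its session is valid, so the threshold trades route churn against how long a moved client stays black-holed.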

WireGuard proponents would probably tell you to run BGP or some routing protocol over the VPN, maybe GRE too?

I agree with you, WireGuard makes this significantly harder than it needs to be. Other protocols do better in this respect.