Skip to content

Instantly share code, notes, and snippets.

@yousong

yousong/wireguard-sticky-demo.sh

Created August 15, 2019 03:27
Show Gist options
  • Save yousong/e6ebd3c9f838286d6fda3228655c1f90 to your computer and use it in GitHub Desktop.
Save yousong/e6ebd3c9f838286d6fda3228655c1f90 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
wireguard-sticky-demo.sh
set -o errexit
set -o pipefail
set -o xtrace
ip netns del ns0 || true
ip netns del ns1 || true
ip netns add ns0
ip netns add ns1
ip link add dev veth00 type veth peer name veth01
ip link add dev veth10 type veth peer name veth11
ip link set dev veth00 netns ns0 up
ip link set dev veth01 netns ns1 up
ip link set dev veth10 netns ns0 up
ip link set dev veth11 netns ns1 up
ip netns exec ns0 bash -c '
set -o errexit
set -o pipefail
set -o xtrace
ip addr add 10.0.0.1/24 dev veth00
ip addr add 10.1.0.1/24 dev veth10
ip route add 10.2.0.0/24 via 10.1.0.2 dev veth10
ip link add dev wg0 type wireguard
ip link set dev wg0 up
wg set wg0 \
listen-port 9999 \
private-key <(echo 4GoeLPP7PD+M9c3XEqI0jddYrsCXWoBpZMfMOENnH2Q=) \
peer q7HIh+rKzTW1Jawb/gPe55oObOzBAftq0bRrMSZtMUU= persistent-keepalive 1 allowed-ips 0.0.0.0/0
'
ip netns exec ns1 bash -c '
set -o errexit
set -o pipefail
set -o xtrace
ip addr add 10.0.0.2/24 dev veth01
ip addr add 10.1.0.2/24 dev veth11
iptables -t nat -A POSTROUTING -d 10.0.0.1 -p udp --dport 9999 -j SNAT --to-source 10.2.0.1:19999
ip link add dev wg0 type wireguard
ip link set dev wg0 up
wg set wg0 \
listen-port 19999 \
private-key <(echo WFNoYbQOxeRgG91rpefGPp3CLEYbS1t7cdPulVeFe0A=) \
peer h5aRgmJ2Wz29dLc3y6SnmH0VRrB8s9493UPlphe8sAY= persistent-keepalive 1 allowed-ips 0.0.0.0/0 endpoint 10.0.0.1:9999
'
: make it through
: ip netns exec ns0 bash -c '
ip rule add from 10.0.0.1 lookup 100
ip route add default via 10.0.0.2 dev veth00 table 100
'
: teardown
: ip netns del ns0
: ip netns del ns1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment