Tunneled connections

[RafaelKr]

I would like to create a topology of a Point-to-Site network. A simplified version of Fig 3.2 described here: https://www.procustodibus.com/blog/2020/10/wireguard-topologies/#point-to-site

This is what I have currently:

So it's not that far from what I would like to have. But I'm missing 2 things to make it more accurate:

1. Specify that wg0 is routed inside another network between some hosts (middleware and hosts 1-3).
2. A (tunneled) connection that is routed over the internet (maybe this is already possible?)

I also have an idea for styling tunneled connections:

• Duplicate the <path> of the connection
• Increase the stroke-width of the first path and set stroke-opacity="0.5"

- <path fill="none" stroke="#f1cf8a" stroke-width="2" d="M955.6 524.2h211.6m-211.6 0h93.6a5 5 0 0 1 5 5v150a5 5 0 0 0 5 5h108m-211.6-160h93.6a5 5 0 0 0 5-5v-150a5 5 0 0 1 5-5h108"/>
+ <path fill="none" stroke="#f1cf8a" stroke-width="8" stroke-opacity="0.5" d="M955.6 524.2h211.6m-211.6 0h93.6a5 5 0 0 1 5 5v150a5 5 0 0 0 5 5h108m-211.6-160h93.6a5 5 0 0 0 5-5v-150a5 5 0 0 1 5-5h108"/>
+ <path fill="none" stroke="#70a5eb" stroke-width="2" d="M955.6 524.2h211.6m-211.6 0h93.6a5 5 0 0 1 5 5v150a5 5 0 0 0 5 5h108m-211.6-160h93.6a5 5 0 0 0 5-5v-150a5 5 0 0 1 5-5h108"/>

Then it would look like

It's still not there yet, because it's not really visible that the connection is wg0 via enp7s0 <=> enp7s0 to wg0 but maybe we could just write it like wg0 via enp7s0.

Would this be possible without to much work?