samurailink3 / TomsEasyWireguardSetupScript

An easy way to create a mesh VPN
The Unlicense

This is really a question for you about the wireguard setup script but I don't know where else to ask it but via an "issue" #2

Open bmullan opened 3 months ago

bmullan commented 3 months ago

I have installed & tried this but I am wondering if I am either misunderstanding its goal or how to use it.

So...

Is this script's use-case to create the Wireguard Configs for X number of nodes?
Then the user has to copy each respective Wireguard Config to each remote Node intended to be in the Mesh?

Or... Is the use-case that the User runs this script on each individual Node that is to be in the Mesh? Then integrate with each other?

Lastly, this may not interest you but I've used another wireguard related app for several years now that creates VxLAN configurations for use with Wireguard Tunnels.

VxWireguard-Generator works great for its use-case.

I used it several years ago to create a Wireguard Full Mesh VPN with VxLAN tunneled thru Wireguard to multiple servers on Digital Ocean & Hetzner Clouds.

I used BGP to auto-route traffic thru the mesh also. All of that together also enables Multi-cast to work across the Mesh VPN.

Here is a PDF that describes much of what I did.

VxLAN does not do encryption so tunneling it thru Wireguard removes that exposure.

Anyway, looking at what your Script does, it might be a great idea if you could integrate VxWireguard-Generator & your tool together.

The result would become an all-in-one solution for a Layer 2 & 3 Mesh Overlay Network that supports Multicast & eliminates the Broadcast & Unknown Multicast (re BUM) problem.

samurailink3 commented 3 months ago

For the first question about usage: The intention is to create configs for each node, then you send those configs to each person/node for the mesh.

This is less of a "Set up wireguard as a sysadmin" project and more of a "I want to run an open-source Hamachi-like service for my friends to play LAN-only games with". So no internet forwarding or anything too advanced. It's purely designed to keep all nodes on the same local network to facilitate P2P gaming.

That said, anyone can absolutely extend this into doing whatever they want with it. I love the idea of an easy L2/L3 SDN setup script, but I'm a bit worried about over-complicating the default use-case. If we can find a way to organize this so people can do advanced things with it, but without overburdening the users who just want "Hamachi, but open source", I'm open to the idea.

bmullan commented 3 months ago

@samurailink3 Nothing is mentioned about it, but does your tool support IPv6?

My ISP (tmobile 5G internet) uses CGNAT so no port forwarding. However, that's not an issue with IPv6.

samurailink3 commented 3 months ago

I think it should, but I haven't tested it. The POSTUP/POSTDOWN commands do contain allowances for ip6tables, so forwarding should work for clients on IPv6 connections. Theoretically you should just be able to set the endpoint to an IPv6 address and have it all work.

If you try it, let me know and I'll add it to the readme so others are aware.
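As an added illustration (not the repository's script) of the two points made above, generating one config per node that is then handed to that node, and pointing a peer at an IPv6 endpoint, here is a small full-mesh WireGuard config generator. It assumes constructed node names, placeholder keys (real ones come from `wg genkey` / `wg pubkey` on each node) and a 10.66.0.0/24 overlay; it pins each peer's AllowedIPs to its single host address, brackets IPv6 endpoints as WireGuard requires, and only adds a keepalive on the node that sits behind CGNAT. The project's own PostUp/PostDown firewall rules are not reproduced.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional

@dataclass
class Node:
    name: str
    private_key: str              # output of `wg genkey`, generated on that node
    public_key: str               # output of `wg pubkey` for that private key
    address: str                  # this node's overlay address, e.g. 10.66.0.1
    endpoint_host: Optional[str]  # public IPv4/IPv6 literal, or None behind CGNAT
    listen_port: int = 51820

def format_endpoint(host: str, port: int) -> str:
    """WireGuard needs IPv6 literals bracketed: [2001:db8::1]:51820."""
    if ipaddress.ip_address(host).version == 6:
        return f"[{host}]:{port}"
    return f"{host}:{port}"

def render_config(me: Node, nodes: List[Node], overlay: str) -> str:
    """Config text for `me`: one [Interface] plus one [Peer] per other node."""
    net = ipaddress.ip_network(overlay)
    lines = ["[Interface]",
             f"PrivateKey = {me.private_key}",
             f"Address = {me.address}/{net.prefixlen}",
             f"ListenPort = {me.listen_port}", ""]
    for peer in nodes:
        if peer is me:
            continue
        # Pin AllowedIPs to the peer's own host (/32 or /128): it can never claim other nodes' addresses.
        host_len = ipaddress.ip_address(peer.address).max_prefixlen
        lines += ["[Peer]", f"# {peer.name}",
                  f"PublicKey = {peer.public_key}",
                  f"AllowedIPs = {peer.address}/{host_len}"]
        if peer.endpoint_host:
            lines.append(f"Endpoint = {format_endpoint(peer.endpoint_host, peer.listen_port)}")
            if me.endpoint_host is None:
                # I sit behind CGNAT: I must dial out and keep the NAT mapping alive.
                lines.append("PersistentKeepalive = 25")
        # A CGNAT peer gets no Endpoint line; WireGuard learns it from the peer's handshake.
        lines.append("")
    return "\n".join(lines)

def generate_mesh(nodes: List[Node], overlay: str = "10.66.0.0/24") -> Dict[str, str]:
    """Return {node name: config text}, one file to hand to each node."""
    net = ipaddress.ip_network(overlay)
    addrs = [n.address for n in nodes]
    if len(set(addrs)) != len(addrs) or any(ipaddress.ip_address(a) not in net for a in addrs):
        raise ValueError("overlay addresses must be unique and inside " + overlay)
    return {n.name: render_config(n, nodes, overlay) for n in nodes}
```

Two nodes that are both behind CGNAT get no Endpoint for each other and cannot connect directly; at least one side of every pair needs a reachable address.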