scion-backbone / sbas

Prototype implementation for the Secure Backbone AS (SBAS) routing system.

WG endpoints should be accessible from nodes #33

Closed joelwanner closed 3 years ago

joelwanner commented 3 years ago

The routing configurations written to the Docker container are making debugging much harder, since they cannot be pinged from the SBAS node.

joelwanner commented 3 years ago

Something strange seems to be going on here: if I run ping 184.164.236.1 on the Frankfurt node, the packet does not go across the tunnel to Oregon, but instead out to the interface ens5 to the Internet.

When specifying ping 184.164.236.1 -I sbas-oregon, the packet goes over the tunnel as expected, but still has a source address selected from the ens5 prefix. This way, the ping either does not get routed all the way to the WG endpoint at Oregon, or there is a problem in the return direction (since Oregon does not know to send this source address). I investigated this using tcpdump icmp -i sbas-frankfurt on the Oregon node.

joelwanner commented 3 years ago

Haven't been able to reproduce the unexpected behavior anymore.

From within the Docker container at Frankfurt, things work fine with ping 184.164.236.1 -I 184.164.236.129, so I don't think there's an issue here.