vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-10-26 08:41:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

autotest: Wireguard pump version

Browse Source
This commit is contained in:
rebortg 2022-03-28 16:13:59 +02:00
parent bbf1edb455
commit 83aaa9379d
4 changed files with 597 additions and 644 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1205
docs/configexamples/autotest/Wireguard/Wireguard.log
View File

File diff suppressed because it is too large Load Diff

30
docs/configexamples/autotest/Wireguard/Wireguard.rst
View File

@ -3,8 +3,8 @@ Wireguard
######### #########
| Testdate: 2021-11-30 | Testdate: 2022-03-28
| Version: 1.4-rolling-202104132216 | Version: 1.4-rolling-202203280217
This simple structure show how to connect two offices. One remote branch and the This simple structure show how to connect two offices. One remote branch and the
@ -44,9 +44,9 @@ After this, the public key can be displayed, to save for later.
.. code-block:: none .. code-block:: none
vyos@central:~$ generate wireguard default-keypair vyos@central:~$ generate pki wireguard
vyos@central:~$ show wireguard keypairs pubkey default Private key: 2BmTwXO1NpakOsa2ynnIqW3c1s3aT/gVtCUJnecefXY=
P9y9TTRzIOVl27Ij9n/BXjZUdQFADZ5WnHV0kQr1ulQ= Public key: BU+4Dyr3VldI2DJiBji50Egqr58071puYdXhoyRvuH8=
After you have each public key. The wireguard interfaces can be setup. After you have each public key. The wireguard interfaces can be setup.
@ -56,13 +56,13 @@ Central
.. literalinclude:: _include/central.conf .. literalinclude:: _include/central.conf
:language: none :language: none
:lines: 4-11 :lines: 4-12
Branch Branch
.. literalinclude:: _include/branch.conf .. literalinclude:: _include/branch.conf
:language: none :language: none
:lines: 4-11 :lines: 4-12
To reach the network, a route must be set on each VyOS host. To reach the network, a route must be set on each VyOS host.
@ -72,13 +72,13 @@ Central
.. literalinclude:: _include/central.conf .. literalinclude:: _include/central.conf
:language: none :language: none
:lines: 13 :lines: 14
Branch Branch
.. literalinclude:: _include/branch.conf .. literalinclude:: _include/branch.conf
:language: none :language: none
:lines: 13 :lines: 14
********************* *********************
Testing and debugging Testing and debugging
@ -102,11 +102,11 @@ And ping the Branch PC from your central router to check the response.
vyos@central:~$ ping 10.0.2.100 count 4 vyos@central:~$ ping 10.0.2.100 count 4
PING 10.0.2.100 (10.0.2.100) 56(84) bytes of data. PING 10.0.2.100 (10.0.2.100) 56(84) bytes of data.
64 bytes from 10.0.2.100: icmp_seq=1 ttl=63 time=0.526 ms 64 bytes from 10.0.2.100: icmp_seq=1 ttl=63 time=0.580 ms
64 bytes from 10.0.2.100: icmp_seq=2 ttl=63 time=0.583 ms 64 bytes from 10.0.2.100: icmp_seq=2 ttl=63 time=0.862 ms
64 bytes from 10.0.2.100: icmp_seq=3 ttl=63 time=0.873 ms 64 bytes from 10.0.2.100: icmp_seq=3 ttl=63 time=0.754 ms
64 bytes from 10.0.2.100: icmp_seq=4 ttl=63 time=0.753 ms 64 bytes from 10.0.2.100: icmp_seq=4 ttl=63 time=0.669 ms
--- 10.0.2.100 ping statistics --- --- 10.0.2.100 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 48ms 4 packets transmitted, 4 received, 0% packet loss, time 3094ms
rtt min/avg/max/mdev = 0.526/0.683/0.873/0.141 ms rtt min/avg/max/mdev = 0.580/0.716/0.862/0.104 ms

3
docs/configexamples/autotest/Wireguard/_include/branch.conf
View File

@ -1,13 +1,14 @@
set interface ethernet eth2 address 10.0.2.254/24 set interface ethernet eth2 address 10.0.2.254/24
set interface ethernet eth1 address 198.51.100.2/24 set interface ethernet eth1 address 198.51.100.2/24
set interfaces wireguard wg01 private-key 'uNz9h7kM5t1Bz5NMk1WscVbtzY1URwm6qK2gnkslp08='
set interfaces wireguard wg01 address 192.168.0.2/24 set interfaces wireguard wg01 address 192.168.0.2/24
set interfaces wireguard wg01 description 'VPN-to-central' set interfaces wireguard wg01 description 'VPN-to-central'
set interfaces wireguard wg01 peer central allowed-ips 10.0.1.0/24 set interfaces wireguard wg01 peer central allowed-ips 10.0.1.0/24
set interfaces wireguard wg01 peer central allowed-ips 192.168.0.0/24 set interfaces wireguard wg01 peer central allowed-ips 192.168.0.0/24
set interfaces wireguard wg01 peer central address 198.51.100.1 set interfaces wireguard wg01 peer central address 198.51.100.1
set interfaces wireguard wg01 peer central port 51820 set interfaces wireguard wg01 peer central port 51820
set interfaces wireguard wg01 peer central pubkey "P9y9TTRzIOVl27Ij9n/BXjZUdQFADZ5WnHV0kQr1ulQ=" set interfaces wireguard wg01 peer central public-key 'BU+4Dyr3VldI2DJiBji50Egqr58071puYdXhoyRvuH8='
set interfaces wireguard wg01 port 51820 set interfaces wireguard wg01 port 51820
set protocols static route 10.0.1.0/24 interface wg01 set protocols static route 10.0.1.0/24 interface wg01

3
docs/configexamples/autotest/Wireguard/_include/central.conf
View File

@ -1,13 +1,14 @@
set interface ethernet eth2 address 10.0.1.254/24 set interface ethernet eth2 address 10.0.1.254/24
set interface ethernet eth1 address 198.51.100.1/24 set interface ethernet eth1 address 198.51.100.1/24
set interfaces wireguard wg01 private-key '2BmTwXO1NpakOsa2ynnIqW3c1s3aT/gVtCUJnecefXY='
set interfaces wireguard wg01 address 192.168.0.1/24 set interfaces wireguard wg01 address 192.168.0.1/24
set interfaces wireguard wg01 description 'VPN-to-Branch' set interfaces wireguard wg01 description 'VPN-to-Branch'
set interfaces wireguard wg01 peer branch allowed-ips 10.0.2.0/24 set interfaces wireguard wg01 peer branch allowed-ips 10.0.2.0/24
set interfaces wireguard wg01 peer branch allowed-ips 192.168.0.0/24 set interfaces wireguard wg01 peer branch allowed-ips 192.168.0.0/24
set interfaces wireguard wg01 peer branch address 198.51.100.2 set interfaces wireguard wg01 peer branch address 198.51.100.2
set interfaces wireguard wg01 peer branch port 51820 set interfaces wireguard wg01 peer branch port 51820
set interfaces wireguard wg01 peer branch pubkey "iUUItk5zA22azMltN+Kpp7Bh4g2mf1ea3liSEp9eQEs=" set interfaces wireguard wg01 peer branch public-key 'wgCmJKRpV4bm9VtQWc1ScKSojTSIVIkrqhYKUPxIgSA='
set interfaces wireguard wg01 port 51820 set interfaces wireguard wg01 port 51820
set protocols static route 10.0.2.0/24 interface wg01 set protocols static route 10.0.2.0/24 interface wg01