This is an automated archive.
The original was posted on /r/wireguard by /u/Lu5ck on 2023-12-30 21:30:06+00:00.
Dear all,
I am trying to set up VPS like this
<-> Internet <-> VPS A <-> VPS B <-> Internet
<-> Internet <-> VPS A <-> VPS C <-> Internet
VPS A is a game server
VPS B is an alternate route to VPS A, and also the public IP for the game server. Due to a network issue, VPS B has a better route to VPS A than VPS A has directly to the internet.
This is my A config, obviously not real IPs.
[Interface]
Address = 192.168.4.1/30
PrivateKey =
ListenPort = 59308
# Table = off: wg-quick adds no routes for AllowedIPs, so 0.0.0.0/0 below
# does not replace the default route (routing is done by hand further down)
Table = off
[Peer]
PublicKey =
# 192.168.4.2/30 is stored as 192.168.4.0/30 and is already covered by 0.0.0.0/0
AllowedIPs = 192.168.4.2/30, 0.0.0.0/0
Endpoint = 90.12.15.101:42252
PersistentKeepalive = 25
On B, I have this
[Interface]
Address = 192.168.4.2/30
PrivateKey =
ListenPort = 42252
# same as on A: no automatic routes from AllowedIPs
Table = off
[Peer]
PublicKey =
# 192.168.4.1/30 is stored as 192.168.4.0/30 and is already covered by 0.0.0.0/0
AllowedIPs = 192.168.4.1/30, 0.0.0.0/0
Endpoint = 46.250.12.31:59308
PersistentKeepalive = 25
On A, I also do these
# create a named routing table "origin" (id 200)
echo '200 origin' >> /etc/iproute2/rt_tables
# anything sourced from A's public IP (SSH replies) keeps using table origin
ip rule add from 46.250.12.31 table origin
# table origin: plain default via the VPS gateway on eth0
ip route replace default via 46.250.12.1 dev eth0 table origin
# main table: everything else leaves through the tunnel
# ("ip rule add default dev wg0" is not valid ip-rule syntax; this is the default-route step)
ip route add default dev wg0
As both are VPS servers, I want to keep my SSH alive. I found by trial and error that having Table off allows me to have 0.0.0.0/0 without destroying my SSH connectivity. I need 0.0.0.0/0 because otherwise I won't be able to ping the outside world through VPS B.
Likewise, in order for my VPS A to maintain SSH connectivity, I added a policy-based rule before setting wg0 as the default route to force my game application to run on that VPS B IP.
Now, my problem is I would also like to be able to connect to my game server on A via server A's internet itself. However, I simply couldn't get it to work. In my tcpdump, I can see the packet, but it just isn't picked up by the game application for an unknown reason.
It is puzzling because the game server can see connection requests from VPS C, whose config is not any different from B's and A's, with the same Table off and 0.0.0.0/0.
Am I doing my routing wrong? Am I missing something?
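The two decisions that matter in this setup are made in different places: the kernel's policy routing (which rule selects which table, and which route wins inside it) decides the egress interface, and WireGuard's cryptokey routing (AllowedIPs) decides which peer a packet is encrypted to and whether a decrypted packet is accepted. The following is an added model of both, written for this post and not part of it or of WireGuard itself. It uses the post's placeholder addresses and assumes eth0 sits on 46.250.12.0/24 (the post only shows the gateway 46.250.12.1); the peer names vps_b and vps_c are likewise made up.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Dict, List, Optional, Tuple

# ---- Linux policy routing: rules pick a table, tables hold routes ----

@dataclass
class Route:
    prefix: IPv4Network   # destination prefix
    dev: str              # egress interface

@dataclass
class Rule:
    priority: int
    table: str
    src: Optional[IPv4Network] = None   # "from <prefix>" selector; None matches every source

def lookup_table(table: List[Route], dst) -> Optional[Route]:
    """Longest-prefix match inside one routing table; None if nothing matches."""
    best = None
    for r in table:
        if dst in r.prefix and (best is None or r.prefix.prefixlen > best.prefix.prefixlen):
            best = r
    return best

def egress_device(rules: List[Rule], tables: Dict[str, List[Route]],
                  src: str, dst: str) -> Optional[str]:
    """Walk the rules in priority order; the first table holding a matching route decides.
    A table with no matching route falls through to the next rule. This is how
    'from 46.250.12.31 table origin' keeps SSH replies on eth0 while every other
    source falls to the main table and its wg0 default."""
    s, d = ip_address(src), ip_address(dst)
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.src is not None and s not in rule.src:
            continue
        hit = lookup_table(tables[rule.table], d)
        if hit is not None:
            return hit.dev
    return None

# Constructed model of VPS A from the post's placeholder addresses.
# Assumption: eth0 is on 46.250.12.0/24; the post only shows the gateway 46.250.12.1.
VPS_A_PUBLIC = "46.250.12.31"
TABLES = {
    "origin": [Route(ip_network("0.0.0.0/0"), "eth0")],   # ip route replace default ... dev eth0 table origin
    "main": [
        Route(ip_network("46.250.12.0/24"), "eth0"),       # kernel connected route for the eth0 address (assumed /24)
        Route(ip_network("192.168.4.0/30"), "wg0"),        # kernel connected route for Address = 192.168.4.1/30
        Route(ip_network("0.0.0.0/0"), "wg0"),             # default route pointed at wg0
    ],
}
RULES = [
    Rule(32765, "origin", ip_network(VPS_A_PUBLIC + "/32")),   # ip rule add from 46.250.12.31 table origin
    Rule(32766, "main"),                                        # built-in lookup of the main table
]

def vps_a_egress(src: str, dst: str) -> Optional[str]:
    """Interface a packet with this source/destination leaves VPS A on."""
    return egress_device(RULES, TABLES, src, dst)

# ---- WireGuard cryptokey routing: AllowedIPs decide peer selection both ways ----

def cryptokey_table(peers: List[Tuple[str, List[str]]]) -> Dict[IPv4Network, str]:
    """Build the AllowedIPs table in peer order. Host bits are masked
    (192.168.4.2/30 becomes 192.168.4.0/30), and a prefix belongs to exactly one
    peer, so a later peer listing the same prefix takes it away from an earlier one."""
    table: Dict[IPv4Network, str] = {}
    for name, cidrs in peers:
        for cidr in cidrs:
            table[ip_network(cidr, strict=False)] = name
    return table

def select_peer(table: Dict[IPv4Network, str], addr: str) -> Optional[str]:
    """Longest-prefix match over AllowedIPs. Outbound: the peer a packet to addr is
    encrypted to. Inbound: a decrypted packet is only accepted if its source selects
    the peer it arrived from, i.e. select_peer(table, src) must equal the sender."""
    a = ip_address(addr)
    best = None
    for net, name in table.items():
        if a in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, name)
    return best[1] if best else None

if __name__ == "__main__":
    print("SSH reply  46.250.12.31 -> 203.0.113.5 :", vps_a_egress("46.250.12.31", "203.0.113.5"))
    print("game       192.168.4.1  -> 203.0.113.5 :", vps_a_egress("192.168.4.1", "203.0.113.5"))
    both = cryptokey_table([("vps_b", ["192.168.4.2/30", "0.0.0.0/0"]),
                            ("vps_c", ["192.168.5.2/30", "0.0.0.0/0"])])
    print("0.0.0.0/0 on A is held by:", select_peer(both, "203.0.113.5"))
```

The model makes one point worth checking on A before looking at the game process: WireGuard keeps each AllowedIPs prefix for a single peer, so if A's real config lists both B and C as peers with 0.0.0.0/0, only the peer loaded last owns the default and a reply sourced from the tunnel address to an arbitrary internet host is encrypted to that peer alone. `wg show wg0 allowed-ips` prints the table the kernel actually holds, and `ip route get <dst> from <src>` prints the egress the kernel would really pick for a given source, both of which are the ground truth this model only approximates.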