{"id":13875848,"url":"https://github.com/m13253/VxWireguard-Generator","last_synced_at":"2025-07-16T10:32:02.494Z","repository":{"id":47079293,"uuid":"139152844","full_name":"m13253/VxWireguard-Generator","owner":"m13253","description":"Utility to generate VXLAN over Wireguard mesh SD-WAN configuration","archived":false,"fork":false,"pushed_at":"2024-07-01T20:19:56.000Z","size":26,"stargazers_count":151,"open_issues_count":3,"forks_count":18,"subscribers_count":10,"default_branch":"master","last_synced_at":"2024-11-20T09:37:23.522Z","etag":null,"topics":["sd-wan","vxlan","wireguard"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/m13253.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-06-29T13:28:43.000Z","updated_at":"2024-11-11T03:49:56.000Z","dependencies_parsed_at":"2022-08-27T22:51:35.417Z","dependency_job_id":null,"html_url":"https://github.com/m13253/VxWireguard-Generator","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m13253%2FVxWireguard-Generator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m13253%2FVxWireguard-Generator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m13253%2FVxWireguard-Generator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m13253%2FVxWireguard-Generator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/m13253","download_url":"https://codeload.github.com/m13253/VxWireguard-Generator/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":226122303,"owners_count":17576920,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["sd-wan","vxlan","wireguard"],"created_at":"2024-08-06T06:00:45.991Z","updated_at":"2024-11-24T03:31:27.940Z","avatar_url":"https://github.com/m13253.png","language":"Python","funding_links":[],"categories":["Python","others"],"sub_categories":[],"readme":"VxWireguard-Generator\n=====================\n\nUtility to generate VXLAN over Wireguard mesh SD-WAN configuration\n\n## Recommendation of RAIT\n\nIn case you want a \"poor-man's SD-WAN\" based on Wireguard and VWGen cannot suit your needs, you may also want to consider [RAIT](https://gitlab.com/NickCao/RAIT).\n\n---\n\n## Setup\n\nRequires: Linux, Python \u003e= 3.7, [toml](https://pypi.org/project/toml/), [PyNaCl](https://pypi.org/project/PyNaCl/)\n\n```bash\nsudo pip3 install -r requirements.txt\npython3 setup.py build\nsudo python3 setup.py install --force\n```\n\n## Example\n\n```bash\n# Find a good place to store the data\nmkdir -p ~/Documents/vwnetworks\ncd ~/Documents/vwnetworks\n\n# Add a mesh network\nvwgen add wg-meshvpn\n\n# Set the address pool of the network\nvwgen set wg-meshvpn pool-ipv4 172.20.10.0/24 pool-ipv6 2001:db8:42::/64\n\n# Add 3 nodes\n# They will have IPv4 addresses fixed and IPv6 addresses dynamically calculated on demand\nvwgen add wg-meshvpn node1 node2 node3\n\n# Set endpoint of node1 and node2 to their public IP addresses (either IPv4 or IPv6 will work), leave empty for node3 so it will do auto-discovery\nvwgen set wg-meshvpn node node1 endpoint '[2001:db8:1::1]:1234' listen-port 1234\nvwgen set wg-meshvpn node node2 endpoint '[2001:db8:2::1]:2345' listen-port 2345\nvwgen set wg-meshvpn node node3 listen-port 3456\n\n# Show all information we have so far\nvwgen show wg-meshvpn\n\n# Generate a configuration for node1\n# It's a bad habit to log into server with root, this is just a demo\nvwgen showconf wg-meshvpn node1 \u003e node1.conf\nscp node1.conf 'root@[2001:db8:1::1]:/etc/wireguard/wg-meshvpn.conf'\nssh root@2001:db8:1::1 chmod 600 /etc/wireguard/wg-meshvpn.conf \\; systemctl enable --now wg-quick@wg-meshvpn\n\n# Generate a configuration for node2\nvwgen showconf wg-meshvpn node2 \u003e node2.conf\nscp node1.conf 'root@[2001:db8:2::1]:/etc/wireguard/wg-meshvpn.conf'\nssh root@2001:db8:2::1 chmod 600 /etc/wireguard/wg-meshvpn.conf \\; systemctl enable --now wg-quick@wg-meshvpn\n\n# The configuration is stored in plaintext TOML format\nless wg-meshvpn.conf\n```\n\n## Routing protocol\n\nNow you have all your nodes on the same virtual Ethernet.\n\nYou may run routing protocol designed for mesh networks (e.g.\n[Babel](https://github.com/jech/babeld), EIGRP) on interface `vwg-meshvpn` to\nannounce connected network segments to each other, and to calculate the best\nforwarding route between each node.\n\n## Limitations\n\n- The MAC and IPv6 addresses is generated with the last bits from the public key. Currently no duplication detection is performed. It is recommended that you check the addresses yourself, or use DAD to detect duplicates. If a collision is found, please regenerate a new key, or packets will be forwarded to the wrong node.\n\n- The mesh network relies on the fact that every node is in a trusted environment that no one can inject IPv6 ND packets into the backbone network. In other words, do not bridge the backbone network to your customer network. Use routing instead of bridging.\n\n## License\n\nMIT License\n\nCopyright (c) 2018 Star Brilliant\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fm13253%2FVxWireguard-Generator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fm13253%2FVxWireguard-Generator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fm13253%2FVxWireguard-Generator/lists"}