Re: Activate netdev only on demand (e.g. for wireguard connection)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

On 3/11/21 11:01 AM, Reindl Harald wrote:
> 
> 
> Am 11.03.21 um 06:36 schrieb Amish:
>> Hello
>>
>> So I have a wireguard setup which I use to connect to my server.
>>
>> But I do not connect to it daily, just once a in a while.
>>
>> I have setup wg0.netdev file and wg0.network file and all is working 
>> fine.
>>
>> But how do I set it up such that interface wg0 does not connect 
>> automatically but comes up only when I run:
>>
>> #networkctl up wg0
>>
>> Effectively I want wireguard to connect/disconnect on demand
> 
> given that wireguard runs directly in the kernel and has no single 
> userland process what problem would you like to solve and why?

Seems like a perfectly mainstream use-case, no? Some people don't want 
to be hooked up to their VPN by default - particularly if it reroutes 
all their Internet traffic - so it makes sense to have this controlled 
manually.

Amish, I think you described your problem perfectly fine. It sounds like 
you want to add:

[Network]
ActivationPolicy=manual

to your wg0.network file.

More info here: 
https://www.freedesktop.org/software/systemd/man/systemd.network.html#ActivationPolicy=

If you are only using the wireguard interface to connect to a specific 
IP or subnet (e.g. your server's), you can also fine-tune the routes in 
your .network file. That way you might be able to live with - and even 
prefer - the interface always being up.

Kind regards,
Alvin
_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux