Feature #11604

WireGuard Dynamic Listen Port Randomization

Added by Christian McDonald about 1 month ago. Updated 28 days ago.

Status: New
Priority: Normal
Assignee: -
Category: WireGuard
Target version:
Start date: 03/02/2021
Due date:
% Done: 0%
Estimated time:
Release Notes: Default

Description

In CGNAT situations, like failing over to an LTE WAN for instance, it can be problematic to have the listen address on a dynamic endpoint fixed (say at 51820). The Linux implementation incorporates listen port randomization on dynamic peers. Ideally something like this logic: Dynamic client randomly chooses listen port and reaches out to a fixed IP/port peer (call this the "server"). If the dynamic client doesn't receive return packets in a certain amount of time (the persistent keepalive value would be appropriate for this), then the dynamic client will choose another random port and try again. This ensures a best effort at finding an available UDP path.
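The retry logic described in this request, as an added Python example over plain UDP sockets; it is not part of the original request and is not pfSense or WireGuard code. The probe datagram stands in for a handshake initiation, and the function names, the port range and the loopback responder are assumptions constructed for illustration.

```python
import random
import socket
import threading

def bind_random_port(avoid=(), host="127.0.0.1", low=49152, high=65535):
    """Bind a UDP socket to a random port in [low, high], skipping ports in
    `avoid` and ports already in use. The range is an assumption."""
    while True:
        port = random.randint(low, high)
        if port in avoid:
            continue
        sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            sock.bind((host, port))
            return sock
        except OSError:
            sock.close()

def connect_with_port_hopping(server, keepalive, max_attempts=5, pick=bind_random_port):
    """Probe `server` from a random listen port. If no reply arrives within
    `keepalive` seconds, drop that port and retry from a new random one.
    Returns (socket or None, list of ports tried)."""
    tried = []
    for _ in range(max_attempts):
        sock = pick(avoid=tried)
        tried.append(sock.getsockname()[1])
        sock.settimeout(keepalive)
        sock.sendto(b"probe", server)  # stand-in for a handshake initiation
        try:
            _, peer = sock.recvfrom(2048)
            if peer == server:
                return sock, tried
        except socket.timeout:
            pass  # no return traffic on this path within the keepalive window
        sock.close()
    return None, tried

def start_test_responder(blocked_ports):
    """Constructed loopback 'server': answers every datagram except those from
    a source port in `blocked_ports` (simulating a dead NAT path)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    def loop():
        while True:
            _, addr = srv.recvfrom(2048)
            if addr[1] not in blocked_ports:
                srv.sendto(b"reply", addr)
    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()
```

Passing the list of already-tried ports as `avoid` keeps a retry from landing on a port that has just failed; `max_attempts` bounds the search so a peer that is unreachable on every path does not loop forever.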

History

#1 Updated by Jim Pingle 28 days ago

  • Target version set to Future
