Project

General

Profile

Actions
Copy link

Feature #15107

open

An option to disable routes

Added by Mike Moore 4 months ago. Updated 3 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
WireGuard
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

When using Wireguard with FRR (dynamic routing) there needs to be an option to select 'Disable routes'
This will prevent installing routes. Usually you only enable this to do own routing decisions via a local gateway and gateway rules or dynamic routing.

There is a quirky workaround for this which is to put 0.0.0.0 in the allowed IP list.

Actions
Copy link
 #1

Updated by Kris Phillips 3 months ago

Mike Moore wrote:

When using Wireguard with FRR (dynamic routing) there needs to be an option to select 'Disable routes'
This will prevent installing routes. Usually you only enable this to do own routing decisions via a local gateway and gateway rules or dynamic routing.

There is a quirky workaround for this which is to put 0.0.0.0 in the allowed IP list.

Mike,

Can you please clarify? What "routes" are you referring to. The only routes that should be installed are the wg0 interface routes for the locally attached interface. At least in a S2S scenario, anyway.

Actions
Copy link
 #2

Updated by Mike Moore 3 months ago

Hey Kris,
The scenario is using wireguard with FRR , bgp in my case.
As i am getting routes from a remote gateway i should ONLY receive routes from that gateway and the only way to achieve this is to use 0.0.0.0 in the allowed list. Failure to do that, pfsense will not load any of the remote routes in its route table.

Actions
Copy link

Also available in: Atom PDF