3.9 KiB
WICE - Wireguard Interactive Connectivity Establishment
WICE is a userspace daemon managing Wireguard interfaces to establish peer-to-peer connections in harsh network environments.
It relies on the awesome pion/ice package for the interactive connectivity establishment as well as bundles the Go userspace implementation of Wiguard in a single binary for environments in which Wireguard kernel support has not landed yet.
Getting started
To use WICE you first need to setup a signalling server:
- Install WICE:
go get riasc.eu/wice - Run the signalling server on a publicly accessible node:
wice-signal-http -port 8080
Afterwards perform the following steps on each node which should join the mesh:
- Install WICE:
go get riasc.eu/wice - Configure your Wireguard interfaces using
wg,wg-quickor NetworkManager - Start the WICE daemon by running:
sudo wice -backend http://signalling-server:8080
The WICE daemons will now attempt to discover valid endpoint addresses using the ICE protocol (e.g. contacting STUN servers).
These ICE candidates are then exchanged via the signalling server and WICE will update the endpoint addresses of the Wireguard peers accordingly.
Once this has been done, the WICE logs should show Connected to peer.
Documentation
Documentation of WICE can be found in the docs/ directory.
Authors
- Steffen Vogel (@stv0g, Institute for Automation of Complex Power Systems, RWTH Aachen University)
Funding acknowledment
The development of WICE has been supported by the ERIGrid 2.0 project of the H2020 Programme under Grant Agreement No. 870620
https://riyazali.net/posts/berkeley-packet-filter-in-golang/ https://squidarth.com/networking/systems/rc/2018/05/28/using-raw-sockets.html