Wireguard Interactive Connectivity Establishment
🚧 ɯice is currently still in an Alpha state and not usable yet
ɯice is a user-space daemon managing Wireguard interfaces to establish peer-to-peer connections in harsh network environments.
It relies on the awesome pion/ice package for the interactive connectivity establishment as well as bundles the Go user-space implementation of Wireguard in a single binary for environments in which Wireguard kernel support has not landed yet.
Getting started
To use ɯice follow these steps on each host:
- Install ɯice:
go install riasc.eu/wice/cmd/wice@latest - Configure your Wireguard interfaces using
wg,wg-quickor NetworkManager - Start the ɯice daemon by running:
sudo wice daemon
Make sure that in step 2. you have created Wireguard keys and exchanged them by hand between the hosts. ɯice does not (yet) discover available peers. You are responsible to add the peers to the Wireguard interface by yourself.
After the ɯice daemons have been started, they will attempt to discover valid endpoint addresses using the ICE protocol (e.g. contacting STUN servers).
These ICE candidates are then exchanged via the signaling server and ɯice will update the endpoint addresses of the Wireguard peers accordingly.
Once this has been done, the ɯice logs should show a line state=connected.
Documentation
Documentation of ɯice can be found in the docs/ directory.
Authors
- Steffen Vogel (@stv0g, Institute for Automation of Complex Power Systems, RWTH Aachen University)
Join us
Please feel free to join our Slack channel #wice in the Gophers workspace and say 👋.
License
ɯice is licensed under the Apache 2.0 license.
Copyright 2022 Institute for Automation of Complex Power Systems, RWTH Aachen University
Funding acknowledgement
The development of k8s-netem has been supported by the ERIGrid 2.0 project of the H2020 Programme under Grant Agreement No. 870620