WICE - Wireguard Interactive Connectivity Establishment

WICE is a userspace daemon managing Wireguard interfaces to establish peer-to-peer connections in harsh network environments.

It relies on the awesome pion/ice package for the interactive connectivity establishment as well as bundles the Go userspace implementation of Wiguard in a single binary for environments in which Wireguard kernel support has not landed yet.

Getting started

To use WICE you first need to setup a signaling server:

1. Install WICE: go get riasc.eu/wice
2. Run the signaling server on a publicly accessible node: wice-signal -port 8080

Afterwards perform the following steps on each node which should join the mesh:

1. Install WICE: go get riasc.eu/wice
2. Configure your Wireguard interfaces using wg, wg-quick or NetworkManager
3. Start the WICE daemon by running: sudo wice -backend http://signaling-server:8080

The WICE daemons will now attempt to discover valid endpoint addresses using the ICE protocol (e.g. contacting STUN servers). These ICE candidates are then exchanged via the signaling server and WICE will update the endpoint addresses of the Wireguard peers accordingly. Once this has been done, the WICE logs should show Connected to peer.

Documentation

Documentation of WICE can be found in the docs/ directory.

Authors

• Steffen Vogel (@stv0g, Institute for Automation of Complex Power Systems, RWTH Aachen University)

Funding acknowledment

The development of WICE has been supported by the ERIGrid 2.0 project of the H2020 Programme under Grant Agreement No. 870620