cunicu/docs/features/autocfg.md

---
# SPDX-FileCopyrightText: 2023 Steffen Vogel <post@steffenvogel.de>
# SPDX-License-Identifier: Apache-2.0
---

# Auto-configuration

The auto-configuration feature assigns link-local IP addresses to WireGuard interfaces as well as configures several other common settings such as MTU, IP addresses or DNS settings.

## Link local IP-addresses

This feature automatically assigns each interface link-local IPv4 and IPv6 addresses derived from the interface's public key.

This enables peer-to-peer communication when no site-local or global addresses are assigned yet.

### Address calculation

Addresses are generated by concatenating a well-known network prefix (`fe80::/64`, `169.254.0.0/16`) with an host part derived from the public key $PK$ of the peer/interface using the 64-bit [$\mathrm{SipHash}_{64}$](https://en.wikipedia.org/wiki/SipHash) hashing function:

$$
\begin{align}
H~=&~\mathrm{SipHash}_{64}(PK) \\
H_{fold}~=&~(H \land \mathrm{0xFFFF}) \barwedge (H \gg 16) \\
\mathrm{IPv6}_{link-local}~=&~\{ \mathrm{fe80:}~||~H~\} /64 \\
\mathrm{IPv4}_{link-local}~=&~\{ \mathrm{169.254.}~||~H_{fold}~\}/16 \\
\end{align}
$$

This addresses calculation can be performed with the [`cunicu addresses`](../usage/md/cunicu_addresses.md) sub-command.

## Missing settings

The following settings are automatically assigned if they have not been set before:

-   **Private Key:** a new random private key will be generated.
-   **Listen port:** the next free port in the configured listen port range is used (see `wireguard.listen_port_range` setting).
-   **MTU:** is automatically determined from the endpoint addresses or the system default route.

## Configuration

The following settings can be used in the main section of the [configuration file](../config/) or with-in the `interfaces` section to customize settings of an individual interface.

import ApiSchema from '@theme/ApiSchema';

<ApiSchema pointer="#/components/schemas/BasicInterfaceSettings" />