1.6 KiB
title: Auto-configuration
Auto-configuration
The auto-configuration feature assigns link-local IP addresses to WireGuard interfaces as well as configures several other common settings such as MTU, IP addresses or DNS settings.
Link local IP-addresses
This feature automatically assigns each interface link-local IPv4 and IPv6 addresses derived from the interface's public key.
This enables peer-to-peer communication when no site-local or global addresses are assigned yet.
Address calculation
Addresses are generated by concatenating a well-known network prefix (fe80::/64, 169.254.0.0/16) with an host part derived from the public key PK of the peer/interface using the 64-bit $\mathrm{SipHash}_{64}$ hashing function:
\begin{align}
H~=&~\mathrm{SipHash}_{64}(PK) \\
H_{fold}~=&~(H \land \mathrm{0xFFFF}) \barwedge (H \gg 16) \\
\mathrm{IPv6}_{link-local}~=&~\{ \mathrm{fe80:}~||~H~\} /64 \\
\mathrm{IPv4}_{link-local}~=&~\{ \mathrm{169.254.}~||~H_{fold}~\}/16 \\
\end{align}
This addresses calculation can be performed with the cunicu addresses sub-command.
Missing settings
The following settings are automatically assigned if they have not been set before:
- Private Key: a new random private key will be generated.
- Listen port: the next free port in the configured listen port range is used (see
wireguard.listen_port_rangesetting). - MTU: is automatically determined from the endpoint addresses or the system default route.