Federated wireguard network idea
Any feedback welcome.

Let’s keep things stupidly simple and simply hash the domain name to get a unique IPv6 ULA prefix.

Then we would need a stupidly simple backend application to automatically fetch pubkeys and endpoints from DNS and make a request to add each others as peers.

Et voilà, you got a worldwide federated wireguard network resolving private ULA addresses. Sort of an internet on top of the internet .

The DNS entries with the public IPv4 / IPv6 addresses could even be delegated to other domains / endpoints which would act as reverse proxy (either routing or nesting tunnels) for further privacy.

Maybe my approach is too naïve and there are flaws I haven’t considered, so don’t be afraid to comment.

Exact use cases? Idk, but it sounds nifty.

#privacy #networking #VPN #wireguard #infosec

cc: @fediverse

  • Wander ΘΔ :verified_paw:OP
    link
    fedilink
    21 year ago

    @nysepho @fediverse there would be routing without being peered directly by delegating your endpoint to another peer you trust (this can create an infinitely long routing chain depending on where you latch on so to speak, but you would be in control)

    • @[email protected]
      link
      fedilink
      11 year ago

      Routing would be the hard bit I expect… if the person you were communicating was 10 hops away how to find the route? Things like BGP do that naturally, but really you don’t want to burden potentially nontechnical users with BGP…