r/WireGuard

•

6 yr. ago

Stocarson

Multicast routing through WireGuard

I'm trying to access some bonjour-based services remotely over WireGuard on iOS, like Apple Home Kit.

A quick inspection on Wireshark revealed that it is based on multicast packets with destination IP 224.0.0.251.

I've setup smcroute with the following configuration on the WireGuard host:

mroute from eth0 group 224.0.0.251 to wg0

mroute from wg0 group 224.0.0.251 to eth0

However when performing a multicast ping with ping -I eth0 -t 20 224.0.0.251 and attaching tcpdump on the wg0 interface I don't see any multicast packet flowing through.

Is WireGuard capable of sending multicast packets right now? Or have I just misconfigured something?

applecard

•

Promoted

Apple Card is a no-fee credit card that gives you up to 3% unlimited Daily Cash back on all of your purchases. Apply now and use right away. Terms apply.

Apply Now

learn.applecard.apple

Sort by:

Best

Open comment sort options

Best

Top

New

Controversial

Old

Q&A

Swedophone

•

6y ago

Have you got one peer only? Then I guess it could work, but I don't see how multicast could work with more peers since one IP address can't be associated with more than one peer.

Stocarson

•

6y ago

To analyze traffic on a remote host where you have SSH access (your router) you can use this:

ssh root@HOST tcpdump -U -s0 -w - 'not port 22' | wireshark -k -i -

Which basically executes tcpdump on the remote machine filtering out port 22 (the SSH connection itself) and pipes the captured data to stoout and to your local wireshark instance.

Stocarson

•

6y ago

I’ve actually got many peers, but I’m interested in forwarding multicast packets only to one peer, should I add the multicast address to its allowed IPs right?

Swedophone

•

6y ago

should I add the multicast address to its allowed IPs right?

Yes.

More replies

daveb778

•

6y ago

How would this be done on ubuntu server?

Stocarson

•

6y ago

Actually I never managed to make this fully work on Arch Linux ARM 😔

daveb778

•

6y ago

damn that sucks, i tired it and it worked for a split second then it stopped and i dunno why.

More replies

Multicast routing through WireGuard

Need help configuring multicast over WireGuard

Multicast support in Wireguard

ospf or multicast over WireGuard

Is it okay to leave wireguard on all the time?

Wireguard MFA

Only use wireguard with specific applications?

Trying to have Minecraft server go through wireguard.

WireGuard server + REST API

Wireguard script to setup a VPN server

No internet access when connected to WireGuard VPN

Are you connected to wireguard 24/7?

I can't setup Wireguard VPN

How secure is wireguard for a small business when peoples computers might get hacked and the config file stolen?

WireGuard setup for public static IPv6

mDNS issue, trying multicast between peers

WireGuard with Bandwidth Control (ProofOfConcept)

How to easily deploy WireGuard on DXP4800Plus for remote access

Is it possible to host wireguard VPN behind CGNAT?

Wireguard iOS Not available in Germany

Can't get zeroconf/avahi/mDNS reflection to work through WG

WireGuard Easy Setup

Absolutely cannot figure out Wireguard VPN set up

Wireguard, have to open port?

How to remote access homelab with WireGuard + local DNS names?

Where does Wireguard store the clients data files on android?

Top Posts