shenanigans - I moved and I only have a "double carrier NAT" so no open ports, no public IP. I do have a VPS that I can use as a "bounce server" with port forwarding. I use WireGuard to keep my home server always connected to the VPS, and thus in theory forward server traffic back. Also in practice, since you see this post.

The problem I had is that I need the "AllowedIPs = 0.0.0.0/0" since I want to be able to serve traffic "from everywhere" (federation FTW!). Unfortunately, when using 'wg-quick' it means that it will set up special routing rules to redirect *all* (even outgoing) traffic through WireGuard, and thus VPS. I noticed when Steam downloads became slow :) (yes, this server is also a gaming machine).

What ended up working is a) Setting "Table = off" in the WireGuard config, not to create the "move all traffic through WireGuard" routing rules, b) manually route traffic coming from wg0: "ip route add default via $WG0_IP dev wg0 table 1000; ip rule add from $WG0_IP table 1000"
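
The setup described in the post, written out as a wg-quick config for the home server. This is an added example, not the author's own file: the address 10.0.0.2, the endpoint name and the key placeholders are constructed, and the default route is given as a plain device route without the `via` from the post's command.

```ini
# /etc/wireguard/wg0.conf on the home server (added example, values constructed)

[Interface]
# Tunnel address of the home server; 10.0.0.2 is a constructed value.
Address = 10.0.0.2/24
PrivateKey = <home-server-private-key>

# Stop wg-quick from installing its own routes and rules. With
# AllowedIPs = 0.0.0.0/0 the default (Table = auto) would send all
# outgoing traffic of the machine through the VPS.
Table = off

# Table 1000 holds a single default route out of the tunnel.
# %i is expanded by wg-quick to the interface name (wg0).
PostUp = ip route add default dev %i table 1000
# Only packets sourced from the tunnel address consult table 1000, so
# replies to forwarded connections go back through the VPS while
# everything else keeps using the normal uplink.
PostUp = ip rule add from 10.0.0.2 table 1000

# The rule is not tied to the interface and would survive wg-quick down,
# so remove it explicitly.
PreDown = ip rule del from 10.0.0.2 table 1000
PreDown = ip route del default dev %i table 1000

[Peer]
# The VPS acting as bounce server.
PublicKey = <vps-public-key>
Endpoint = vps.example.net:51820
# Forwarded packets keep their original source address, so the tunnel
# has to accept any source from this peer.
AllowedIPs = 0.0.0.0/0
# The home side sits behind NAT; keepalives hold the mapping open so the
# VPS can always reach it.
PersistentKeepalive = 25
```

After `wg-quick up wg0`, `ip rule show` should list the `from 10.0.0.2 lookup 1000` rule and `ip route show table 1000` the single default route, while `ip route show` for the main table still points at the local gateway.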
