shenanigans - I moved and I only have a "double carrier NAT" so no open ports, no public IP. I do have a VPS that I can use as a "bounce server" with port forwarding. I use Wireguard to keep my home server always connected to the VPS, and thus in theory forward server traffic back. Also in practice, since you see this post.

The problem I had is that I need the "AllowedIPs = 0.0.0.0/0" since I want to be able to serve traffic "from everywhere" (federation FTW!). Unfortunately, when using 'wg-quick' it means that it will set up special routing rules to redirect *all* (even outgoing) traffic through Wireguard, and thus the VPS. I noticed when Steam downloads became slow :) (yes, this server is also a gaming machine).


What ended up working is a) setting "Table = off" in the Wireguard config, so as not to create the "move all traffic through Wireguard" routing rules, and b) manually routing traffic coming from wg0: "ip route add default via $WG0_IP dev wg0 table 1000; ip rule add from $WG0_IP table 1000"
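
Added example, not part of the original post: the two steps described above written as a single wg-quick config for the home server, with the routing commands moved into PostUp/PreDown hooks. The address 10.0.0.2 (standing in for $WG0_IP), the port, the keepalive setting and the key and endpoint placeholders are assumptions.

```ini
# /etc/wireguard/wg0.conf on the home server (added example; all values constructed)
[Interface]
# Assumption: 10.0.0.2 is the home server's wg0 address ($WG0_IP in the post)
Address = 10.0.0.2/24
PrivateKey = <home-server-private-key>
# Stop wg-quick from installing its "everything via wg0" routes and rules
Table = off
# Replies sourced from the wg0 address leave through the tunnel (table 1000);
# everything else keeps using the normal default route
PostUp = ip route add default via 10.0.0.2 dev %i table 1000
PostUp = ip rule add from 10.0.0.2 table 1000
# The route disappears with the interface, the rule does not, so remove it
PreDown = ip rule del from 10.0.0.2 table 1000

[Peer]
PublicKey = <vps-public-key>
Endpoint = <vps-address>:51820
# Still required: accepts forwarded packets that carry arbitrary client source IPs
AllowedIPs = 0.0.0.0/0
# Assumption: keepalive so the tunnel stays up from behind the carrier NAT
PersistentKeepalive = 25
```

After `wg-quick up wg0`, `ip rule show` should list a `from 10.0.0.2 lookup 1000` entry, and `ip route get 192.0.2.1` should still report the regular uplink interface rather than wg0.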
