
I have a Raspberry Pi with PiOS. My idea is to install WireGuard on it and route all traffic through WireGuard. I have set the Allowed IPs to 0.0.0.0/0.

I want the Pi to work on different networks and work as soon as I connect it without worrying about the network. That's why I can't set a static configuration and have to rely on DHCP.

The problem is that DHCP adds the following routes automatically at startup:

default via 10.2.1.3 dev ens18
10.2.0.0/16 dev ens18 proto kernel scope link src 10.2.150.39

So if I call e.g. 10.2.1.1 my traffic is not routed through WireGuard and I end up on another host. So I would like to disable the automatic generation of these routes so I can set my own. I appreciate any answer :)

Jonathan

1 Answer


If you want to override the default route you could try statically defining the more specific 0.0.0.0/1 and 128.0.0.0/1 with your WireGuard IP as the gateway?

Stygge
  • 21
  • 3
  • The problem is not the first default route (0.0.0.0/0 --> Gateway), but the second, automatically created subnet route (10.1.0.0/16 --> Gateway). I.e. I would have to create routes with at least /17 subnets to route local traffic over WireGuard. – Jonathan Aug 22 '22 at 18:20
  • Ah - sorry I obviously haven't quite understood the requirements. Maybe if you could add some more details it might help? – Stygge Aug 23 '22 at 13:34
  • I travel a lot for business, and change my work location frequently. I have some devices that are not VPN capable and I don't want to route their traffic unsecured through e.g. hotel WLANs. I also need to access my computers at home, and VPN is a good thing to avoid opening all ports. My idea to solve the problem was to use a Raspberry Pi as a router and connect all my devices through it. – Jonathan Aug 23 '22 at 14:39
  • Because the upstream network changes frequently, I rely on DHCP, but DHCP automatically creates a route for the local network my Pi is on, which I don't really want to connect to. I already had problems because of this, because for example I didn't reach my computers at home, but websites of the hotel I was in. – Jonathan Aug 23 '22 at 14:39
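
The route selection discussed in the answer and its comments, as an added example that is not part of the original posts: a small Python model of longest-prefix matching over the routes from the question plus the suggested 0.0.0.0/1 and 128.0.0.0/1 routes. The interface name `wg0`, the function names and the table contents are assumptions constructed for illustration.

```python
import ipaddress

# Constructed table modelled on the question's output; "wg0" is an assumed name.
DHCP_ROUTES = [
    ("0.0.0.0/0", "ens18"),    # default via 10.2.1.3
    ("10.2.0.0/16", "ens18"),  # connected subnet route that comes with the lease
]
# The two halves of the address space suggested in the answer.
SPLIT_DEFAULT = [("0.0.0.0/1", "wg0"), ("128.0.0.0/1", "wg0")]


def lookup(routes, dst):
    """Return (prefix, dev) of the longest matching prefix for dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, dev in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return str(best[0]), best[1]


def halves_over_tunnel(routes, tunnel_dev, lan_dev):
    """For each non-default prefix on lan_dev, return its two more-specific
    halves pointing at tunnel_dev (a /16 yields two /17 routes)."""
    extra = []
    for prefix, dev in routes:
        net = ipaddress.ip_network(prefix)
        if dev == lan_dev and 0 < net.prefixlen < net.max_prefixlen:
            extra += [(str(h), tunnel_dev) for h in net.subnets(prefixlen_diff=1)]
    return extra


if __name__ == "__main__":
    table = DHCP_ROUTES + SPLIT_DEFAULT
    for dst in ("8.8.8.8", "10.2.1.1"):
        # The /1 routes beat the default, but the /16 still beats the /1 routes.
        print(dst, "->", lookup(table, dst))
    table += halves_over_tunnel(DHCP_ROUTES, "wg0", "ens18")
    print("10.2.1.1 ->", lookup(table, "10.2.1.1"))
```

When such routes are added by hand without policy routing, the WireGuard endpoint's own address also needs a host route via the DHCP gateway, otherwise the encrypted packets match the /1 routes and are sent back into the tunnel.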