Federated wireguard network idea

Wander ΘΔ :verified_paw:@packmates.org to Fediverse@lemmy.world – 19 points –

Federated wireguard network idea
Any feedback welcome.

Let's keep things stupidly simple and simply hash the domain name to get a unique IPv6 ULA prefix.

Then we would need a stupidly simple backend application to automatically fetch pubkeys and endpoints from DNS and make a request to add each others as peers.

Et voilà, you got a worldwide federated wireguard network resolving private ULA addresses. Sort of an internet on top of the internet .

The DNS entries with the public IPv4 / IPv6 addresses could even be delegated to other domains / endpoints which would act as reverse proxy (either routing or nesting tunnels) for further privacy.

Maybe my approach is too naïve and there are flaws I haven't considered, so don't be afraid to comment.

Exact use cases? Idk, but it sounds nifty.

#privacy #networking #VPN #wireguard #infosec

cc: @fediverse

11

You are viewing a single comment

@breadsmasher I have no idea how Tor works. In this case I would say most peers would have no problem disclosing a public IP, but it could have benefits in making resources in a private network accessible and as long as the endpoint can be reached those resources would be hosting provider agnostic.

I would say this is less about hiding user activity than it is about logical networks, abstracting away the hosting provider and allowing to knit together self hosted services, regardless of where they are hosted.

Here's how TOR works. It's amazing.

https://youtu.be/QRYzre4bf7I?si=gY1e4tORIoxwuRTx

And here's how Onion hidden services work...

https://youtu.be/lVcbq_a5N9I?si=PuJwHP0rEPKFkCBb

TOR lets journalists do their job safely from dangerous places, lets whistle-blowers report things we should know, and lets people in oppressive regimes see the rest of the Internet that their government blocks. It's an amazing tool.