What is WireGuard?

WireGuard is a fairly new Layer 3 VPN protocol that runs on top of UDP. It's main selling points are that it is very easy to configure and also very fast (It can easily reach speeds in excess of 1 Gbit/s without much resource utilization).

It is available for every major operating system you can find in the wild (namely Windows, Linux (and its derivatives) and Mac OS)

To understand how simple the configuration is, have a look at the following snippet:

[Interface]
Address = 10.0.0.1/24
ListenPort = 51820
PrivateKey = 4BhSWsplXEJrqSDvb/kIy6FzfXkimLF4b3h/nrz/vkY=

[Peer]
PublicKey = EzEyCarbQdia+D0u7aRvSDL4hz3YCQQjgvOVGBEPBDo=
AllowedIPs = 10.0.0.2/32

[Peer]
PublicKey = dq/DbVCb40ZjuKZZv1EhTH/4FQRGme4pe07B5CIvuVo=
AllowedIPs = 10.0.0.3/32

[Peer]
PublicKey = UDIqfBJAKc1YmpvRxDSM4tc3ZrbzNHduEqVqZmG4CXU=
AllowedIPs = 10.0.0.4/32

That small little amount of config would allow 3 clients to connect to the WireGuard "server" with their own matching private keys!

Want to use WireGuard for your own network? Great! See the rest of this documentation here!

What is WireGuard?

How does WireGuard work?

Generating a public/private keypair

[Interface]

Address

ListenPort

PrivateKey

DNS

Table

MTU

PreUp

PostUp

PreDown

PostDown

[Peer]

Endpoint

AllowedIPs

PublicKey

PersistentKeepalive

Simple router/bounce node with 3 clients

What is WireGuard?