OpenBSD manual page server

Manual Page Search Parameters
WG(4) Device Drivers Manual WG(4)

wgWireGuard pseudo-device

pseudo-device wg

The wg driver provides a simple Virtual Private Network (VPN) interface for securely communicating with other WireGuard endpoints. wg interfaces implement the WireGuard protocol, heavily relying on the Noise protocol framework.

Each interface is able to connect to a number of endpoints, relying on an internal routing table to direct outgoing IP traffic to the correct endpoint. Incoming traffic is also matched against this routing table and dropped if the source does not match the corresponding output route.

The interfaces can be created at runtime using the ifconfig wgN create command or by setting up a hostname.if(5) configuration file for netstart(8). The interface itself can be configured with ifconfig(8). Support is also available in the wireguard-tools package by using the wg and wg-quick utilities.

wg interfaces support the following ioctl(2)s:

struct wg_data_io *
Set the device configuration.
struct wg_data_io *
Get the device configuration.

WireGuard is designed as a small, secure, easy to use VPN. It operates at the IP level, supporting both IPv4 and IPv6.

The following list provides a brief overview of WireGuard terminology:

Peer
A peer is a host that the interface creates a connection with. There is no concept of client/server as both ends of the connection are equal. An interface may have multiple peers.
Key
Each interface has a private key and corresponding public key. The public key is used to identify the interface to other peers.
Preshared key
In addition to the interface keys, each peer pair can have a unique preshared key. This key is used in the handshake to provide post-quantum security. It is optional, but recommended.
Allowed IPs
Allowed IPs dictate the tunneled IP addresses each peer is allowed to send from. After decryption, all packets have their source IP address checked against the sending peer's allowed IPs list. This list is hierarchical, allowing peers to have overlapping ranges, with the most specific range taking precedence. They can be thought of like a routing table, as outgoing packets are also matched against this list to determine which peer to send to.

This does not correspond to the IP address that UDP packets are sent to or received from, but rather the IP addresses that are encapsulated in the tunnel.

Handshake
In order to establish a set of shared secret keys, two peers perform a handshake. This occurs every 2 minutes while traffic is being sent. If no traffic is being sent, then no handshake occurs. When traffic resumes, a new handshake is performed. Each handshake generates a new set of ephemeral keys to provide forward secrecy.
Connectionless
Due to the handshake behavior, there is no connected or disconnected state.

Private keys for WireGuard can be generated from any sufficiently secure random source. The Curve25519 keys and the preshared keys are both 32 bytes long and are commonly encoded in base64 for ease of use.

Keys can be generated with openssl(1) as follows:

$ openssl rand -base64 32

Note that not all 32-byte strings are valid Curve25519 keys. Specific bits must be set in the string. All the same, a random 32-byte string can be passed because the interface automatically sets the required bits. This does not apply to the preshared key.

When an interface has a private key set with wgkey, the corresponding public key is shown in the status output of the interface, like so:

wgpubkey NW5l2q2MArV5ZXpVXSZwBOyqhohOf8ImDgUB+jPtJps=

Create two wg interfaces in separate rdomain(4)s, which is of no practical use but demonstrates two interfaces on the same machine:

#!/bin/sh

ifconfig wg1 create wgport 111 wgkey `openssl rand -base64 32` rdomain 1
ifconfig wg2 create wgport 222 wgkey `openssl rand -base64 32` rdomain 2

PUB1="`ifconfig wg1 | grep 'wgpubkey' | cut -d ' ' -f 2`"
PUB2="`ifconfig wg2 | grep 'wgpubkey' | cut -d ' ' -f 2`"

ifconfig wg1 wgpeer $PUB2 wgendpoint 127.0.0.1 222 wgaip 192.168.5.2/32
ifconfig wg2 wgpeer $PUB1 wgendpoint 127.0.0.1 111 wgaip 192.168.5.1/32
ifconfig wg1 192.168.5.1/24
ifconfig wg2 192.168.5.2/24

After this, ping one interface from the other:

$ route -T1 exec ping 192.168.5.2

The two interfaces are able to communicate through the UDP tunnel which resides in the default rdomain(4).

Show the listening sockets:

$ netstat -ln

The wg interface supports runtime debugging, which can be enabled with:

ifconfig wgN debug

Some common error messages include:

Handshake for peer X did not complete after 5 seconds, retrying
Peer X did not reply to our initiation packet, for example because:
  • The peer does not have the local interface configured as a peer. Peers must be able to mutually authenticate each other.
  • The peer endpoint IP address is incorrectly configured.
  • There are firewall rules preventing communication between hosts.
Invalid handshake initiation
The incoming handshake packet could not be processed. This is likely due to the local interface not containing the correct public key for the peer.
Invalid initiation MAC
The incoming handshake initiation packet had an invalid MAC. This is likely because the initiation sender has the wrong public key for the handshake receiver.
Packet has unallowed src IP from peer X
After decryption, an incoming data packet has a source IP address that is not assigned to the allowed IPs of Peer X.

inet(4), ip(4), netintro(4), hostname.if(5), pf.conf(5), ifconfig(8), netstart(8)

WireGuard whitepaper, https://www.wireguard.com/papers/wireguard.pdf.

The OpenBSD wg driver was developed by Matt Dunwoodie <‍ncon@noconroy.net> and Jason A. Donenfeld <‍Jason@zx2c4.com>, based on code written by Jason A. Donenfeld.

June 24, 2020 OpenBSD-current