Maniphest T7387

Optimise Wireguard peer handling
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	sarthurdev
	Apr 23 2025, 6:40 PM

Tags

Referenced Files

None

Subscribers

Global Notifications

Description

The creation and updating of Wireguard interfaces executes wg set ... twice per peer. Script also destroys/re-creates all peers on any wireguard commit.

wg set ... supports multiple peer configs (up to ARG_MAX) in a single command, arguments like allowed-ips will also override previous values so can safely be altered without needing to remove/re-add peer.

This will adjust logic causing no peer downtime on commit, only dropping public-keys removed from config.

Details

Version: -
Is it a breaking change?: Perfectly compatible
Issue type: Performance optimization

Related Objects

Mentioned In: rVYOSONEX37598a366e8d: Merge pull request #4468 from sarthurdev/T5707
rVYOSONEX2b009d420f28: wireguard: T7387: Optimise wireguard peer handling

Event Timeline

sarthurdev created this task.Apr 23 2025, 6:40 PM

sarthurdev changed the task status from Open to Needs testing.

sarthurdev triaged this task as Normal priority.

PR: https://github.com/vyos/vyos-1x/pull/4468

pasik subscribed.Apr 24 2025, 7:42 AM

sarthurdev mentioned this in rVYOSONEX2b009d420f28: wireguard: T7387: Optimise wireguard peer handling.May 20 2025, 2:28 PM

Restricted Repository Identity mentioned this in rVYOSONEX37598a366e8d: Merge pull request #4468 from sarthurdev/T5707.May 20 2025, 2:28 PM

dmbaturin closed this task as Resolved.May 28 2025, 8:15 PM

dmbaturin edited projects, added VyOS 1.5 Circinus (1.5-stream-2025-Q2); removed VyOS 1.5 Circinus.