I have got an x64 OpenWrt VM in PVE. The VM has a public IPv4 address, and the LAN subnet 192.168.17.0/24 has IPv6 delegated to it as well. I have got a guest subnet 192.168.18.0/24, and I have got a WireGuard interface with the subnet 192.168.13.0/24. My x64 OpenWrt VM in the WireGuard interface is at 192.168.13.6. I have got some other peers; one of them is sometimes not working because of network issues over there.
Sorry, I don't know how to draw a topology. It is a pretty straightforward setup, and I also put all the config in the previous post.
Dude, it is a powerful state machine, why would I know how it works? I don't need to circumvent it, I just need to run my little script when that peer is not working... Also run another little script when it is back for some reason. It is not completely blocked per se, and I am not trying to mitigate the block, I am trying to inform myself when that happens.
The reason why it doesn't work is honestly irrelevant...
This is an unreliable setup, as you have overlapping peers. I am not saying it is the main problem, but it needs attention.
This is a typical WireGuard server setup, why do you have allowed-ips set to 0.0.0.0/0?
I need to route the traffic to a certain country through that peer; it is thousands of lines of IPv4 CIDR that are constantly changing. I need to use 0.0.0.0/0 as the allowed IP without routing to it, then I use luci-app-pbr to do the actual routing using a custom user file.
This is not a pure "server" so to speak. It might look confusing, because if it is connecting to another peer, why isn't there an endpoint? Because internet censorship could work differently in different directions, so I don't want to connect to the peer proactively through WireGuard. I want to be connected to by the other peer and then route traffic through the peer, and it works.
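
Added example, not posted by anyone in this thread: one way to get the "run a script when the peer goes down, another when it comes back" behaviour is to poll `wg show <interface> latest-handshakes` and act only on state changes. The interface name `wg0`, the 180-second threshold, the state directory and the hook script paths are assumptions, and the approach assumes the peer sends traffic or keepalives often enough that a healthy tunnel keeps handshaking.

```shell
#!/bin/sh
# Added example: WireGuard peer up/down detector driven by handshake age.
# Intended use from cron on the router (paths and wg0 are placeholders):
#   wg show wg0 latest-handshakes | check_peers /tmp/wg-watch "$(date +%s)" |
#     while read -r key ev; do /root/hooks/"$ev".sh "$key"; done

STALE_AFTER=180   # assumed threshold: seconds without a handshake => "down"

# peer_state <latest_handshake_epoch> <now_epoch>  -> prints "up" or "down"
peer_state() {
    hs=$1; now=$2
    # wg prints 0 for a peer that has never completed a handshake
    if [ "$hs" -eq 0 ] || [ $((now - hs)) -gt "$STALE_AFTER" ]; then
        echo down
    else
        echo up
    fi
}

# transition <previous_state> <current_state> -> went_down | came_up | none
transition() {
    case "$1:$2" in
        up:down) echo went_down ;;
        down:up) echo came_up ;;
        *)       echo none ;;   # unchanged, or first time this peer is seen
    esac
}

# check_peers <state_dir> <now_epoch>
# stdin: "pubkey<TAB>epoch" lines, the format of `wg show IFACE latest-handshakes`.
# stdout: "pubkey event" for every peer whose state changed since the last run.
check_peers() {
    dir=$1; now=$2
    mkdir -p "$dir"
    while read -r key hs; do
        [ -n "$key" ] || continue
        # base64 public keys may contain '/', which cannot appear in a file name
        f="$dir/$(printf '%s' "$key" | tr / _)"
        prev=$(cat "$f" 2>/dev/null || echo unknown)
        cur=$(peer_state "$hs" "$now")
        ev=$(transition "$prev" "$cur")
        echo "$cur" > "$f"
        [ "$ev" = none ] || echo "$key $ev"
    done
}
```

The first run only records each peer's state, so the hooks fire on later changes rather than at boot.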