Federated wireguard network idea
Any feedback welcome.

Let’s keep things stupidly simple and simply hash the domain name to get a unique IPv6 ULA prefix.

Then we would need a stupidly simple backend application to automatically fetch pubkeys and endpoints from DNS and make a request to add each others as peers.

Et voilà, you got a worldwide federated wireguard network resolving private ULA addresses. Sort of an internet on top of the internet .

The DNS entries with the public IPv4 / IPv6 addresses could even be delegated to other domains / endpoints which would act as reverse proxy (either routing or nesting tunnels) for further privacy.

Maybe my approach is too naïve and there are flaws I haven’t considered, so don’t be afraid to comment.

Exact use cases? Idk, but it sounds nifty.

#privacy #networking #VPN #wireguard #infosec

cc: @fediverse

  • trymeout@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    https://github.com/ivpn/desktop-app/issues/290

    I made this feature request to IVPN. I doubt IVPN will make it happen but I also did it to get the idea out there. I do think IVPN clients are the best FOSS VPN clients on the market and the idea was to fork IVPN desktop and mobile clients and modify them to bee these universal VPN clients were any VPN provider can integrate these clients into their service. This way a user can subscribe to a few or several VPN providers and access them all in one client, easy to add providers in the client. All a user needs to do is add a URL or IP address in the subscription settings of the VPN client, and login to the VPN account and from there the VPN client will import the VPN servers that VPN providers has and always keep them up to date when the VPN providers adds or remove servers.

    Also such an idea will ensure there is a one, secure and fully open source VPN client that works with many VPN providers, and VPN providers do not need to spend time and money developing their own clients for desktop and mobile, and can instead spend time and money on their service and servers. VPN providers can contribute to the universal VPN client if they so wish.