https://blog.wgz.sh/tags/wireguard/ Recent content in WireGuard on wgz.sh Hugo -- 0.153.1 en-us Tue, 09 Dec 2025 19:01:48 -0400 https://blog.wgz.sh/posts/bgp-at-home/ Tue, 09 Dec 2025 19:01:48 -0400 https://blog.wgz.sh/posts/bgp-at-home/ <p>Hi everyone,</p> <p>If you&rsquo;re like me, there are tons of technologies that you work with on a day-to-day basis, but never have the opportunity to touch. In my day-to-day role, for example, I work heavily with networking and even with BGP. But rarely do I have the chance to do anything BGP-related as it pertains to the internet.</p> <p>It&rsquo;s quite the dilemma! How is one supposed to get the experience of operating large-scale networks, if only very few people have the opportunity to work on them? Let alone set them up from scratch!</p> https://blog.wgz.sh/posts/nat/ Wed, 26 Mar 2025 22:24:05 -0400 https://blog.wgz.sh/posts/nat/ <p>Hey folks,</p> <p>Quick tip for anybody using DN42. If you&rsquo;re having an issue making your services reachable on the network you can copy something similar to what I&rsquo;m doing.</p> <p>In my lab, I’m running plain Docker, with a container that has a private IP of <code>192.168.77.2</code>. To make it reachable from a remote peer over WireGuard, I’m using two NAT rules: one for <code>SNAT</code> and one for <code>DNAT</code>.</p> <p>Why? Because in the DN42 overlay network, only IPs in the <code>172.20.0.0/14</code> range are routable. My little slice is <code>172.22.147.160/27</code>. The whole setup is similar to your home internet with RFC1918 addresses meaning you need to heavily rely on NAT.</p>