blob: 7c04eb994c8975ef026dbd73b6e509077bee8e78 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
#!/bin/bash
set -ex -o pipefail
[[ $UID != 0 ]] && exec sudo -E "$(readlink -f "$0")" "$@"
NETNS="narans"
OUTER_DEVICE="wg1"
INNER_DEVICE="wg2"
OUTER_IP="10.10.10.1"
INNER_IP="10.10.10.2"
OUTER_PORT=1111
INNER_PORT=2222
OUTER_KEY="$(mktemp --suffix ".outer.key")"
INNER_KEY="$(mktemp --suffix ".inner.key")"
trap "killall nara iperf3 || true; ip netns del \"$NETNS\" || true" INT TERM EXIT
wg genkey > "$OUTER_KEY"
wg genkey > "$INNER_KEY"
nara "$OUTER_DEVICE"
nara "$INNER_DEVICE"
ip netns add "$NETNS"
wg set "$OUTER_DEVICE" private-key "$OUTER_KEY" listen-port "$OUTER_PORT" \
peer "$(wg pubkey < "$INNER_KEY")" endpoint 127.0.0.1:"$INNER_PORT" allowed-ips "$INNER_IP"/32
wg set "$INNER_DEVICE" private-key "$INNER_KEY" listen-port "$INNER_PORT" \
peer "$(wg pubkey < "$OUTER_KEY")" endpoint 127.0.0.1:"$OUTER_PORT" allowed-ips "$OUTER_IP"/32
sleep 1
ip link set "$INNER_DEVICE" netns "$NETNS"
ip addr add dev "$OUTER_DEVICE" "$OUTER_IP/24"
ip -netns "$NETNS" addr add dev "$INNER_DEVICE" "$INNER_IP/24"
ip link set up "$OUTER_DEVICE"
ip -netns "$NETNS" link set up "$INNER_DEVICE"
ip netns exec "$NETNS" iperf3 -s -1 -B "$INNER_IP" 2>&1 1>/dev/null &
sleep 1
iperf3 -n 100M -4 -Z -B "$OUTER_IP" -c "$INNER_IP"
ping -q -c 1000 -i 0.001 -I "$OUTER_IP" "$INNER_IP"
|