OpenWiFi
2.8.0
2.8.0
  • OpenWiFi Release 2.8
  • ABOUT
    • About OpenWiFi
    • Supported Hardware
    • Device Partner Information
    • Cloud Partner Information
    • Ordering OpenWiFi APs
    • Example Partner Integrations
    • Contributing
  • OPENWIFI STACK
    • Overview
    • SDK
    • Access Points
      • Local Device Settings
    • Cloud Discovery
      • Discovery without Cloud
    • Code Repositories
    • Artifacts
  • SDK
    • Getting Started
    • Architecture
    • Provisioning for Integrators
      • Data Model Introduction
      • Creating a Configuration
    • User Interface for Admins
      • Provisioning
        • Creating Entities
          • Configurations
            • Metrics Settings Example
        • Creating Venues
          • Configurations
            • WAN
            • VAP - SSID
      • Inventory Association
      • Gateway
      • Devices
        • Commands
        • Statistics
        • Command History
      • Firmware
    • Monitoring
      • ELK Integration
  • RELEASE
    • What's New
    • Features
    • Security Updates
    • Resolved Issues
    • Outstanding Items
    • Testing Results
  • SDK Installation
    • Overview
    • Deploy using Docker Compose
    • Deploy using Helm
  • Device Feature Configuration Examples
    • Basic Device Provisioning
      • Bridge Mode SSID
      • NAT Gateway Mode SSID
      • Multi-VLAN SSID
    • Advanced Device Feature Configuration Examples
      • Zero Touch Provisioning
      • DHCP Relay
      • Services
      • Metrics
      • GRE
      • L2TP
      • VxLAN
      • WDS
      • Mesh
      • QoS
      • Dynamic Air Time Fairness
      • Advanced Captive Portal
        • External Captive Portal
      • Roaming RRM and SON
      • RADIUS Authenticated SSID
        • Dynamic VLANs with RADIUS
        • WISPr Subscriber Bandwidth
        • Dynamic Multi PSK
        • RADIUS MAC-Auth
      • Multi-PSK (MDU Shared Key)
      • Wireguard
      • Dynamic Air-Time Policy
      • Opportunistic Wireless Encryption (OWE)
      • Passpoint®
        • Configuration Introduction
        • Advertising Services
        • Passpoint® Configuration
      • Restricted Unit Support
  • DEVELOPER RESOURCES
    • SDK API
      • OpenAPI Definitions
      • Security Service
      • Gateway Service
      • Firmware Management Service
      • Provisioning Service
      • Analytics Service
      • Radio Resource Management Service
      • Postman Collection
    • SDK KAFKA
      • Connection
      • Device Event Queue
      • Device Telemetry
      • Healthcheck
      • Provisioning Change
      • Service Events
      • State
      • WiFi Scan
Powered by GitBook
On this page
  1. Device Feature Configuration Examples
  2. Advanced Device Feature Configuration Examples

Wireguard

Early Preview Feature

Wireguard is an overlay technology supporting both Layer 2 and Layer 3 operations. In TIP OpenWiFi this is designed as a configured service that is associated to any logical interface.

As a fully encrypted overlay, key negotiation and exchange of peers is required. This peer endpoint exchange conversation is known as PEX.

A PEX service is deployed with public network visibility and defined in the wireguard-overlay root-node configuration section of the client.

Endpoints to be key negotiated with are defined as hosts.

When this wireguard-overlay is then associated as a service to a layer 3 interface either upstream (WAN) or downstream (LAN) then a layer 3 path is available between the define host endpoints.

When the wireguard-overlay is associated as a service with vxlan configured, the host adjacencies become layer 2 paths.

Example:

“wireguard-overlay”: {
                        “private-key”: “####AAAABBBBCCCDDDDEEEFFFFFGGGG“,
                        “root-node”: {
                                “key”: “ZZZZWWWWQQQEEERRRTTYYYY“,
                                “endpoint”: “148.251.188.218",
                                “ipaddr”: [ “192.168.3.1" ]
                        },
                        “hosts”: [
                                {
                                        “name”: “ap1”,
                                        “key”: “CCCCDDDDEEEEFFFFGGGHHHHIIII“,
                                        “ipaddr”: [ “192.168.4.1" ]
                                }, {
                                        “name”: “ap2",
                                        “key”: “JJJKKKLLLAAABBBBBNCCCC####“,
                                        “ipaddr”: [ “192.168.5.1" ]
                                }
                        ],
                        “vxlan”: {
                                “isolate”: false
                        }
                }

Peer Endpoint eXchange Service (PEX)

Currently TIP OpenWiFi wireguard services are an early preview feature. The PEX network discovery daemon service is intended to be containerized and likely re-written as a core service of the TIP OpenWiFi SDK cloud.

Please connect with the Community maintainers via Slack if working on this early access feature.

PreviousMulti-PSK (MDU Shared Key)NextDynamic Air-Time Policy

Last updated 2 years ago

For development members in the Community who wish to begin with this feature, the following repo should be consulted for functional information on a base Linux deployment of PEX via:

https://github.com/nbd168/unetd/blob/master/PEX.md