> For the complete documentation index, see [llms.txt](https://tip-1.gitbook.io/openwifi/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://tip-1.gitbook.io/openwifi/2.8.0/device-feature-configuration-examples/device-feature-configuration-examples/wireguard.md).

# Wireguard

Wireguard is an overlay technology supporting both Layer 2 and Layer 3 operations. In TIP OpenWiFi this is designed as a configured service that is associated to any logical interface.&#x20;

As a fully encrypted overlay, key negotiation and exchange of peers is required. This peer endpoint exchange conversation is known as PEX.&#x20;

A PEX service is deployed with public network visibility and defined in the wireguard-overlay root-node configuration section of the client.

Endpoints to be key negotiated with are defined as hosts.&#x20;

When this wireguard-overlay is then associated as a service to a layer 3 interface either upstream (WAN) or downstream (LAN) then a layer 3 path is available between the define host endpoints.&#x20;

When the wireguard-overlay is associated as a service with vxlan configured, the host adjacencies become layer 2 paths.&#x20;

**Example:**

```
“wireguard-overlay”: {
                        “private-key”: “####AAAABBBBCCCDDDDEEEFFFFFGGGG“,
                        “root-node”: {
                                “key”: “ZZZZWWWWQQQEEERRRTTYYYY“,
                                “endpoint”: “148.251.188.218",
                                “ipaddr”: [ “192.168.3.1" ]
                        },
                        “hosts”: [
                                {
                                        “name”: “ap1”,
                                        “key”: “CCCCDDDDEEEEFFFFGGGHHHHIIII“,
                                        “ipaddr”: [ “192.168.4.1" ]
                                }, {
                                        “name”: “ap2",
                                        “key”: “JJJKKKLLLAAABBBBBNCCCC####“,
                                        “ipaddr”: [ “192.168.5.1" ]
                                }
                        ],
                        “vxlan”: {
                                “isolate”: false
                        }
                }
```

#### &#x20;Peer Endpoint eXchange Service (PEX)

Currently TIP OpenWiFi wireguard services are an early preview feature. The PEX network discovery daemon service is intended to be containerized and likely re-written as a core service of the TIP OpenWiFi SDK cloud.&#x20;

For development members in the Community who wish to begin with this feature, the following repo should be consulted for functional information on a base Linux deployment of PEX via: <https://github.com/nbd168/unetd/blob/master/PEX.md>&#x20;

Please connect with the Community maintainers via Slack if working on this early access feature.&#x20;


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://tip-1.gitbook.io/openwifi/2.8.0/device-feature-configuration-examples/device-feature-configuration-examples/wireguard.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
