1.\" SPDX-License-Identifier: BSD-2-Clause 2.\" 3.\" Copyright (c) 2020 Gordon Bergling <gbe@FreeBSD.org> 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.Dd January 18, 2024 27.Dt WG 4 28.Os 29.Sh NAME 30.Nm wg 31.Nd WireGuard protocol driver 32.Sh SYNOPSIS 33To load the driver as a module at boot time, place the following line in 34.Xr rc.conf 5 : 35.Bd -literal -offset indent 36if_wg_load="YES" 37.Ed 38.Pp 39To compile this driver into the kernel, add the following line to 40.Xr kernconf 5 41kernel configuration file: 42.Bd -literal -offset indent 43.Cd pseudo-device wg 44.Ed 45.Sh DESCRIPTION 46The 47.Nm 48driver provides Virtual Private Network (VPN) interfaces for the secure 49exchange of layer 3 traffic with other WireGuard peers using the WireGuard 50protocol. 51.Pp 52A 53.Nm 54interface recognizes one or more peers, establishes a secure tunnel with 55each on demand, and tracks each peer's UDP endpoint for exchanging encrypted 56traffic with. 57.Pp 58The interfaces can be created at runtime using the 59.Ic ifconfig Cm wg Ns Ar N Cm create 60command, and then can be configured with 61.Xr ifconfig 8 . 62.Pp 63The following glossary provides a brief overview of WireGuard terminology: 64.Bl -tag -width indent -offset 3n 65.It Peer 66Peers exchange IPv4 or IPv6 traffic over secure tunnels. 67Each 68.Nm 69interface may be configured to recognize one or more peers. 70.It Key 71Each peer uses its private key and corresponding public key to 72identify itself to others. 73A peer configures a 74.Nm 75interface with its own private key and with the public keys of its peers. 76.It Pre-shared key 77In addition to the public keys, each peer pair may be configured with a 78unique pre-shared symmetric key. 79This is used in their handshake to guard against future compromise of the 80peers' encrypted tunnel if an attack on their Diffie-Hellman exchange 81becomes feasible. 82It is optional, but recommended. 83.It Allowed IP addresses 84A single 85.Nm 86interface may maintain concurrent tunnels connecting diverse networks. 87The interface therefore implements rudimentary routing and reverse-path 88filtering functions for its tunneled traffic. 89These functions reference a set of allowed IP address ranges configured 90against each peer. 91.Pp 92The interface will route outbound tunneled traffic to the peer configured 93with the most specific matching allowed IP address range, or drop it 94if no such match exists. 95The interface will accept tunneled traffic only from the peer 96configured with the most specific matching allowed IP address range 97for the incoming traffic, or drop it if no such match exists. 98That is, tunneled traffic routed to a given peer cannot return through 99another peer of the same 100.Nm 101interface. 102This ensures that peers cannot spoof one another's traffic. 103.It Handshake 104Two peers handshake to mutually authenticate each other and to 105establish a shared series of secret ephemeral encryption keys. 106Either peer may initiate a handshake. 107Handshakes occur only when there is traffic to send, and recur every 108two minutes during transfers. 109.It Connectionless 110Due to the handshake behavior, there is no connected or disconnected 111state. 112.El 113.Ss Keys 114Private keys for WireGuard can be generated from any sufficiently 115secure random source. 116The Curve25519 keys and the pre-shared keys are both 32 bytes 117long and are commonly encoded in base64 for ease of use. 118.Pp 119Keys can be generated with 120.Xr openssl 1 121as follows: 122.Pp 123.Dl $ openssl rand -base64 32 124.Pp 125Although a valid Curve25519 key must have 5 bits set to specific values, 126this is done by the 127.Nm 128interface and so it will accept any random 32-byte base64 string. 129.Sh EXAMPLES 130Create a 131.Nm 132interface and set random private key: 133.Bd -literal -offset indent 134# ifconfig wg0 create 135# ifconfig wg0 wgkey `openssl rand -base64 32` wgport 54321 136.Ed 137.Pp 138Retrieve the associated public key from a 139.Nm 140interface: 141.Bd -literal -offset indent 142$ ifconfig wg0 | grep 'wgpubkey:' 143.Ed 144.Pp 145By default, the private key and pre-shared key (if set) are hidden from 146the interface status output, but can be made to show up by specifying the 147.Fl k 148flag for 149.Xr ifconfig 8 : 150.Bd -literal -offset indent 151# ifconfig -k wg0 | grep -E 'wgkey:|wgpsk:' 152.Ed 153.Pp 154Connect to a specific endpoint using its public-key and set the 155allowed IP address: 156.Bd -literal -offset indent 157# ifconfig wg0 wgpeer <peer_pubkey> \\ 158 wgendpoint 10.0.1.100 54321 \\ 159 wgaip 192.168.2.100/32 160.Ed 161.Pp 162Set description for a peer: 163.Bd -literal -offset indent 164# ifconfig wg0 wgpeer <peer_pubkey> wgdescr <peer_description> 165.Ed 166.Pp 167Remove a peer: 168.Bd -literal -offset indent 169# ifconfig wg0 -wgpeer <peer_pubkey> 170.Ed 171.Sh DIAGNOSTICS 172The 173.Nm 174interface supports runtime debugging, which can be enabled with: 175.Pp 176.D1 Ic ifconfig Cm wg Ns Ar N Cm debug 177.Pp 178Some common error messages include: 179.Bl -tag -width indent 180.It Sy "Handshake for peer X did not complete after 5 seconds, retrying" 181Peer X did not reply to our initiation packet, for example because: 182.Bl -bullet -compact 183.It 184The peer does not have the local interface configured as a peer. 185Peers must be able to mutually authenticate each other. 186.It 187The peer's endpoint IP address is incorrectly configured. 188.It 189There are firewall rules preventing communication between hosts. 190.El 191.It Sy "Invalid handshake initiation" 192The incoming handshake packet could not be processed. 193This is likely due to the local interface not containing 194the correct public key for the peer. 195.It Sy "Invalid initiation MAC" 196The incoming handshake initiation packet had an invalid MAC. 197This is likely because the initiation sender has the wrong public key 198for the handshake receiver. 199.It Sy "Packet has disallowed src IP from peer X" 200After decryption, an incoming data packet has a source IP address that 201is not assigned to the allowed IPs of Peer X. 202.El 203.Sh SEE ALSO 204.Xr inet 4 , 205.Xr ip 4 , 206.Xr netintro 4 , 207.Xr ifconfig 8 208.Rs 209.%T WireGuard whitepaper 210.%U https://www.wireguard.com/papers/wireguard.pdf 211.Re 212.Sh HISTORY 213The 214.Nm 215device driver first appeared in 216.Dx 6.5 , 217.Fx 13.2 , 218and 219.Ox 6.8 . 220.Sh AUTHORS 221.An -nosplit 222The 223.Nm 224device driver was written by 225.An Jason A. Donenfeld Aq Mt Jason@zx2c4.com , 226.An Matt Dunwoodie Aq Mt ncon@nconroy.net , 227.An Kyle Evans Aq Mt kevans@FreeBSD.org , 228and 229.An Matt Macy Aq Mt mmacy@FreeBSD.org . 230.Pp 231This manual page was written by 232.An Gordon Bergling Aq Mt gbe@FreeBSD.org 233and is based on the 234.Ox 235manual page written by 236.An David Gwynne Aq Mt dlg@openbsd.org . 237