What I want: I want to be able to route specific clients through different interfaces (WireGuard tunnels), and I want this behavior to persist upon disconnect/reconnect. Clients can change which tunnel, with several VLANs being able to use the tunnels (so a client A on VLAN 124 and client B on VLAN 789 can both use VPN tunnel X or Y at their discretion).
What I have: IPv4 works fine (routing rule src address -> routing table). IPv6 works, but is not persistent, as clients change their IPv6 address. (I have a dinky script where I enter IPv4 address and country, and it will grab a VPN peer from a json file, set it up, and add the IPv4+current IPv6 address to the routing rules. This works well currently; I use Mullvad.)
Any recommendations? Ideas: use IPv6 mangle based on MAC address, but I have been having trouble getting this to work (extremely slow). Another idea is to have a script run and grab the IPv6 address of client (either by hostname or by DHCP lease+MAC info), but I’m not sure if it’s possible to trigger a script upon IPv6 neighbor discovery.
Any help appreciated!
You must log in or # to comment.