Sunday, September 14, 2025

[FreeBSD] Use a FIB for a specific WireGuard interface

Background


My FreeBSD box has two interfaces: net0 is the main fiber line (fast), and net1 is the backup line (Japan KDDI povo, a slow line).
At first, I set a static route for the backup WireGuard line. Unfortunately, all packets to the static route ([End Point IP address]) then use the slow line [NG].

For example, the previous config (/etc/rc.conf):
static_routes="backup_line"
route_backup_line="-net [End Point IP address] -gateway 192.168.220.1"
(192.168.220.1 is the backup line's default router)

Now that I know about FIBs (Forwarding Information Base), I use fib 1 for the backup WireGuard line.
The backup line is used only by the WireGuard line below [OK].
And I can remove the static route above.



Step1:  /etc/sysctl.conf



Add the following to /etc/sysctl.conf (enables multiple FIBs):
net.fibs=2
net.add_addr_allfibs=1

Step2:  /etc/rc.conf


# net1 is for fib1 
ifconfig_ue0_name="net1"
ifconfig_net1="192.168.220.3/24 fib 1"

# set default route for fib 1
static_routes="fib1_default"
route_fib1_default="-fib 1 default -gateway 192.168.220.1"

Step3:  /usr/local/etc/wireguard/wg0.conf


Use a PostUp line:

[Interface]
Privatekey = [Privatekey]
Address = 10.8.41.1/24
table = off
ListenPort = 1111
PostUp = /sbin/ifconfig wg0 tunnelfib 1

[Peer]
PublicKey = IOx7n4S1rBZPlj6an2rMQSddj07RMQFkWPAyvtJsYnY=
AllowedIPs = 10.8.0.0/16, 192.168.0.0/24
Endpoint = [End Point IP address]:1111
PersistentKeepAlive = 30

NOTES:
When you use multiple WireGuard lines and want one of them to use net0 (the fast line), use a wg*.conf without "PostUp = /sbin/ifconfig wg* tunnelfib 1" for that line.
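
To confirm that Steps 1-3 took effect (the tunnel's outer packets use fib 1 and leave through the backup gateway, while a wg interface without the PostUp line stays on fib 0), a check like the following can be run. This is an added example, not part of the original post; the function names, the 203.0.113.10 endpoint and the sample output are constructed, and it assumes the usual FreeBSD `ifconfig` and `route -n get` output layout.

```sh
#!/bin/sh
# Added example: verify the FIB setup from Steps 1-3.
# Assumption: FreeBSD ifconfig prints "tunnelfib: N" only for a non-default FIB.

# stdin: `ifconfig wg0` output. Prints the tunnel FIB (0 when no line is shown).
tunnelfib_of() {
    awk '$1 == "tunnelfib:" { fib = $2 } END { print fib + 0 }'
}

# stdin: `route -n get ...` output. Prints "<gateway> <interface>".
route_gw_if() {
    awk '$1 == "gateway:"   { gw = $2 }
         $1 == "interface:" { ifn = $2 }
         END { print gw, ifn }'
}

# check_path WANT_FIB WANT_GW WANT_IF GOT_FIB "GOT_GW GOT_IF"
# Returns 0 only when the tunnel uses the wanted FIB and that FIB routes
# the endpoint through the wanted gateway and interface.
check_path() {
    [ "$4" = "$1" ] || { echo "NG: tunnelfib is $4, want $1"; return 1; }
    [ "$5" = "$2 $3" ] || { echo "NG: route is '$5', want '$2 $3'"; return 1; }
    echo "OK: tunnel uses fib $1 via $2 on $3"
}

# Live check on the box: verify_live wg0 1 192.168.220.1 net1 ENDPOINT_IP
verify_live() {
    got_fib=$(ifconfig "$1" | tunnelfib_of)
    got_route=$(setfib "$2" route -n get "$5" | route_gw_if)
    check_path "$2" "$3" "$4" "$got_fib" "$got_route"
}

# Constructed sample output (not captured from the author's machine).
SAMPLE_IFCONFIG='wg0: flags=80c1<UP,RUNNING,NOARP,MULTICAST> metric 0 mtu 1420
    inet 10.8.41.1 netmask 0xffffff00
    tunnelfib: 1
    groups: wg'
SAMPLE_ROUTE='   route to: 203.0.113.10
destination: 0.0.0.0
       mask: 0.0.0.0
    gateway: 192.168.220.1
        fib: 1
  interface: net1'
```

For a tunnel that should stay on the fast line (see NOTES), the expected FIB is 0 and the expected gateway and interface are those of net0.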
