OSPF wireguard fallback

chrono chrono at open-resource.org
Thu May 3 16:11:16 CEST 2018


> You need to set AllowedIPs to 0.0.0.0/0 on both sides. That way
> wireguard will pass all traffic through (that only works for p2p links
> with only two peers, obviously). In your current setup, wireguard won't
> pass the OSPF multicast traffic, so you will see no neighbour
> associations. And even if you did, bird doesn't know how to amend
> AllowedIPs for wireguard, so it won't work.
> 
> However, with the p2p config and 0.0.0.0/0 in AllowedIPs things should
> work.

Toke, thanks for the details, weird things are happening with 0.0.0.0/0

DC1 (CentOS Linux release 7.4.1708 (Core))

$ wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip address add 172.23.3.2/29 dev wg0
[#] ip link set mtu 1420 dev wg0
[#] ip link set wg0 up
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
Error: argument "suppress_prefixlength" is wrong: Failed to parse rule type
[#] ip -4 rule delete table 51820
[#] ip link delete dev wg0

wg0 simply isn't coming up.


DC2 (Ubuntu 16.04.4 LTS)

$ wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip address add 172.23.3.1/29 dev wg0
[#] ip link set mtu 1420 dev wg0
[#] ip link set wg0 up
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] iptables -A FORWARD -i wg0 -j ACCEPT;

but afterwards no more traffic is going through the default gw
and all boxes behind the gw are offline.

> There is a Wireguard GSOC project to add AllowedIP awareness to Bird,
> BTW, so in the future things may be easier :)

Sweet, looking forward to that.
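Added example, not part of this thread: a constructed wg0.conf for the DC2 side of the p2p link above that keeps AllowedIPs = 0.0.0.0/0 but uses the documented wg-quick option `Table = off`, so wg-quick installs neither the 0.0.0.0/0 route in table 51820 nor the fwmark/suppress_prefixlength policy rules (the default-route handling is what failed on CentOS 7 and what hijacked the default gateway on Ubuntu), leaving the routing table to bird. Keys, the endpoint and the 172.23.0.0/16 forward filter are placeholders/assumptions.

```ini
# /etc/wireguard/wg0.conf on DC2 (constructed example; keys and endpoint are placeholders)
[Interface]
Address = 172.23.3.1/29
ListenPort = 51820
PrivateKey = <DC2_PRIVATE_KEY_PLACEHOLDER>
MTU = 1420

# Problematic setting (this is the default, Table = auto): because AllowedIPs is
# 0.0.0.0/0, wg-quick treats the peer as a default route, adds 0.0.0.0/0 to
# table 51820 and installs the "not fwmark 51820" / "suppress_prefixlength 0"
# policy rules. Old iproute2 (CentOS 7) rejects suppress_prefixlength; newer
# iproute2 (Ubuntu 16.04) accepts it and then sends all non-wg traffic into
# the tunnel, taking the box's real default gateway with it.
# Table = auto

# Corrected setting: wg-quick adds no routes and no policy rules at all, so
# wg0 is a plain p2p interface and bird/OSPF owns the routing table.
Table = off

# AllowedIPs = 0.0.0.0/0 means the kernel accepts packets with any source
# address from this peer, so do not leave FORWARD wide open on wg0; restrict
# it to the prefixes you expect to learn over the link (assumed range here).
PostUp = iptables -A FORWARD -i wg0 -s 172.23.0.0/16 -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -s 172.23.0.0/16 -j ACCEPT

[Peer]
# DC1 (172.23.3.2/29)
PublicKey = <DC1_PUBLIC_KEY_PLACEHOLDER>
Endpoint = <DC1_PUBLIC_IP_PLACEHOLDER>:51820
# Needed on a two-peer p2p link so the OSPF multicast hellos and every prefix
# bird later routes over wg0 pass WireGuard's cryptokey routing check.
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25
```

After `wg-quick up wg0`, `ip rule show` should list only the stock rules (no table 51820 entries) and `ip route show` should still show the original default gateway; the DC1 side is the mirror image with Address = 172.23.3.2/29.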

