path: root/net/wgsd/README.md
author: Vladimir Ermakov <vooon341@gmail.com> 2023-11-04 19:17:19 +0100
committer: Vladimir Ermakov <vooon341@gmail.com> 2024-03-06 16:38:57 +0000
commit: 1fb06d8081be1b4d15360e9a687645047000d3a2 (patch)
tree: b3a773933b2fc645e0d194812dbed2e0900d7ec0 /net/wgsd/README.md
parent: 032d566ccf457043104bdfeb6b3f9deee1a631d1 (diff)
wgsd: add package

Adds WGSD, a service that enables use cases such as:
- Building a mesh of WireGuard peers from a central registry
- Dynamic discovery of WireGuard Endpoint addressing (both IP address and port number)
- NAT-to-NAT WireGuard connectivity where UDP hole punching is supported.

Provides two packages:
- wgsd-coredns - a DNS-SD server, which allows clients to discover other WireGuard peers
- wgsd-client - a client, which queries the DNS server and updates WireGuard peers' endpoints

Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
Diffstat (limited to 'net/wgsd/README.md')
-rw-r--r-- net/wgsd/README.md 30
1 files changed, 30 insertions, 0 deletions
diff --git a/net/wgsd/README.md b/net/wgsd/README.md
new file mode 100644
index 000000000..13d733025
--- /dev/null
+++ b/net/wgsd/README.md
@@ -0,0 +1,30 @@
+## Wireguard Service Discovery (Mesh)
+
+This tool allows you to build a mesh from wireguard tunnels and also traversal NAT.
+
+See this article: https://www.jordanwhited.com/posts/wireguard-endpoint-discovery-nat-traversal/
+Also see project on github: https://github.com/jwhited/wgsd
+
+
+## Usage
+
+On server edit /etc/Corefile to select on which port DNS-SD should be serving and also which interface to use.
+
+Here is the example, where port `5353` will be used by coredns, `coredns.lan.` zone be used for discovery and `vpn_wg` interface be used to gather peers information.
+
+ .:5353 {
+ log
+ #whoami
+ wgsd coredns.lan. vpn_wg
+ }
+
+On a client you should put to the cron line like that:
+
+ 1,6,11,16,21,26,31,36,41,46,51,56 * * * * /usr/bin/wgsd-client -device vpn_wg -dns your.central.node:5353 -zone coredns.lan
+
+
+### Note
+
+All peers that should connect to each other should know other peers.
+So you should setup your central node as a first peer followed with peers.
+E.g. let's say we have a Cloud-Router (CR), Alice and the Bob. Then you should configure peers for CR (with the address) and Bob on Alice's side and CR and Alice on Bob's.
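Review bot: The Corefile example under "Usage" opens the server block as `.:5353`, which answers for every zone on every local address, and the README never says who is expected to reach that port. Per the commit message the service hands out the endpoint IP address and port of each peer on `vpn_wg`, so the example should scope the block to the discovery zone (`coredns.lan.:5353`), and the text should tell the reader to limit access to port 5353 to the hosts that run `wgsd-client`, for example with a firewall rule. Smaller points in the same hunk: the commented-out `#whoami` line can be dropped from a minimal example; the cron line could say in words that it runs every five minutes; the "Note" section says the central node is configured "with the address" but leaves implicit that Bob and Alice are added to each other without one, which is the step worth spelling out; and "also traversal NAT" in the first paragraph should read "traverse NAT".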