WG Server with 2 different IPs (Darkfiber and Internet)? (SOLVED)

c-mu · April 14, 2026, 01:46:13 PM

Hi!
I have a data center that is directly connected to my headquarters via dark fiber. This has historical reasons, as we gradually moved all servers from the HQ into the data center over time.

Now I want to convert my HQ into a regular site again and separate the networks. I also want to set up a WireGuard tunnel between the HQ and the data center. The tunnel should primarily run over the dark fiber (100 Gbit) and secondarily over the regular internet (10 Gbit) in case the dark fiber is damaged.

Is this scenario possible to implement using a WireGuard tunnel?

Thank You!

Monviech (Cedrik) · April 14, 2026, 02:49:23 PM

Best would be with ospf or bgp.

Mentally swap ipsec with wireguard.

https://docs.opnsense.org/manual/how-tos/dynamic_routing_ospf.html#ipsec-failover-with-vti-and-ospf

c-mu · April 15, 2026, 11:46:49 AM

Thanks for pointing me to IPSec. I've now taken a look at the new IPSec connections (I was still using legacy before) and was able to implement my desired scenario very easily.

There, I can simply configure two remote IPs. When I simulate a failure by disconnecting one uplink, the connection switches to the alternative route without any loss. Very cool! With IPSec, I'm also achieving the same bandwidth as with WireGuard. WireGuard is usually my favorite because of its speed.

Case closed :-)

WG Server with 2 different IPs (Darkfiber and Internet)? (SOLVED)

c-mu

April 14, 2026, 01:46:13 PM Last Edit: April 15, 2026, 11:47:54 AM by c-mu Reason: solved problem by switching to ipsec

Monviech (Cedrik)

April 14, 2026, 02:49:23 PM #1

c-mu

April 15, 2026, 11:46:49 AM #2