
i have a ton of all russian subnets which i don't want to route through vpn due to vpn monitoring on rzzian fascist services, and services which block all non-rzzian ips

also since i wanna use wireguard (amneziawg obfuscation fork, since plain wg is blocked) on an openwrt system soooo maybe there is a way to route all traffic thru the wg interface but the subnet list thru the plain interface

aaaaaaaaa i don't have much openwrt stuff knowledge,

erinmeow@piefed.blahaj.zone 2 points 6 days ago

as i understand i can do it by one subnet separately but the problem is that there are 1000+ subnets, maybe i don't know some feature to load an ipset file. also uguguhguhg isn't parsing 1000+ subnets a load on the cpu?

SteveTech@aussie.zone 3 points 6 days ago

I'm not sure how a firewall would help, you'd definitely want to do this from the routing table.

> isn't parsing 1000+ subnets a load on the cpu?

IPv4 addresses are basically just 32-bit numbers, any somewhat modern CPU can check through 1000 routes in nanoseconds.

Also 1000+ seems a bit excessive, you should be able to aggregate some of those subnets into a few bigger ones. There are calculators online for this, or you can script it.
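
The "script it" option from the comment above, as an added example that is not part of the thread: it reads a subnet list, merges adjacent and overlapping prefixes with Python's standard `ipaddress` module, and prints one route per aggregated prefix. The sample list is constructed from documentation ranges, and `WAN_GATEWAY` and `WAN_DEV` are placeholders for the non-VPN gateway and interface.

```python
import ipaddress

# Constructed sample list (documentation ranges, not a real country list).
SAMPLE = """\
# constructed sample
198.51.100.0/25
198.51.100.128/25
203.0.113.0/24
203.0.113.64/26      # already covered by the /24 above
192.0.2.0/25
192.0.2.128/26
192.0.2.192/26
10.0.0.5/8           # host bits set
not-a-subnet
10.0.0.0/8
"""

def parse_subnets(text):
    """Return (networks, rejected); tolerates comments, blank lines and host bits."""
    nets, rejected = [], []
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            nets.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            rejected.append(entry)
    return nets, rejected

def aggregate(nets):
    """Merge adjacent/overlapping prefixes; one IP version per collapse call."""
    merged = []
    for version in (4, 6):
        same = [n for n in nets if n.version == version]
        merged.extend(ipaddress.collapse_addresses(same))
    return merged

def route_commands(nets, gateway, dev):
    """One route per aggregated prefix, pointing at the non-VPN gateway."""
    return [f"ip route replace {n} via {gateway} dev {dev}" for n in nets]

if __name__ == "__main__":
    nets, rejected = parse_subnets(SAMPLE)
    merged = aggregate(nets)
    print(f"{len(nets)} parsed, {len(rejected)} rejected, {len(merged)} after merge")
    for line in route_commands(merged, "WAN_GATEWAY", "WAN_DEV"):  # placeholders
        print(line)
```

Rejected lines are returned rather than silently dropped, so a typo in the list does not quietly send that range through the VPN.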

this post was submitted on 26 Jun 2026