In T2518#127884, @jack9603301 wrote:

@ajgnet If you have a way to limit the dynamic prefix to a known prefix, then using 1:1 NAT66 prefix translation should work (only the host segment is dynamic)

Yes, would be great to fully support dynamic prefix when the prefix is not known

Confirmed working.

Confirmed working. Awesome

Confirming the same.

Tested, does not work. Even with all firewall rules removed.

Is there a way to get this to work with a dhcp assigned WAN address?

Trying to configure a wireguard peer with a dns name as remote endpoint. I understand this is not supported, but I see many references to creating a post-boot script to do this. Any working examples? Thank you

Is there a way to get this to work with a dynamically assigned /64 PD from my ISP?

Enabling sticky connections had no effect in my testing. The only temporary solution was T2747. Unfortunately, this solution no longer works once the IP address changes on a DHCP-assigned interface.

Additionally, sometimes the Peer ID and Local ID are not correctly formatted. for example:

Sure thing. Note my configuration contains some table maps that I have set up to route VPN traffic, and certain source IPs through specific interfaces. But there is no effect on the load-balancer when these sections are removed. Thank you.

I suspect this could be related to displaying a peer with a hostname that contains a dash, such as, "abc-peer12.dyndns.org." Or, possibly a string matching error getting thrown off by "AES_GCM_16_128/MODP_2048"

The IKE SA appears down in your second example?