4. Validation
4. Validation
← Resources | Index | Next →
Validation Overview
Validation confirms that the WireGuard mesh is operational, traffic flows via WG, and public/LAN ingress to services is blocked.
Validation Criteria
| ID | Criterion | Method | Pass Condition |
|---|---|---|---|
| V1 | WG interface active | Host status review | wg0 present and up |
| V2 | Peer handshake established | WG peer status | Latest handshake within expected interval |
| V3 | WG routing in effect | Route check to peer WG IP | Route uses wg0 |
| V4 | WG reachability | Connectivity check | Peer WG IP reachable |
| V5 | Public/LAN isolation | External reachability check | Service ports not reachable via public/LAN |
| V6 | WG-only ingress | WG reachability check | Service ports reachable via WG IP |
Validation Procedure
| Step | Action | Expected Result |
|---|---|---|
| 1 | Inspect wg0 status on each host | wg0 up and has correct WG IP |
| 2 | Review WG peer handshakes | Handshakes recent and transfer counters increasing |
| 3 | Validate route to peer WG IP | Route uses wg0 |
| 4 | Test reachability via WG IP | Service reachable via WG only |
| 5 | Test reachability via public/LAN IP | Service blocked via public/LAN |
End of Validation — RFC-WG-0001