Yggdrasil is supported on Windows on a best effort basis only. You can download the latest installer from GitHub.
On Windows 7 and Server 2008 R2, you must install hotfix KB2921916 before installing Yggdrasil:
The Windows port does not currently have a maintainer and is therefore not as well tested or developed as other platforms. If you are a Windows user that is proficient in Go and would like to volunteer to maintain the Windows port, please reach out to us in our Matrix channel.
Starting with version 0.3.13, Yggdrasil on Windows uses the Wireguard TUN driver. If this is not installed on the system already, it will be installed automatically by the Yggdrasil installer.
For this reason, it is important that you use the correct installer for your
architecture - make sure to use the x64
installer on 64-bit Windows and the
x86
installer on 32-bit Windows.
Please note that the OpenVPN TAP driver is no longer supported.
Once Yggdrasil is started, a new virtual network adapter will be created called
Yggdrasil
by default, although this can be renamed using the IfName
option
in the configuration file (below). The virtual network adapter will not be
visible on the system when Yggdrasil is not running.
The Yggdrasil installer will automatically generate an yggdrasil.conf
configuration file, if one does not exist, in:
%ALLUSERSPROFILE%\Yggdrasil\yggdrasil.conf
Yggdrasil is installed as a Windows service that starts automatically with
Windows. You can start, stop and restart Yggdrasil using the Services MMC
snap-in (services.msc
) or, in more recent versions of Windows, the “Services”
tab in Task Manager.
You will need to restart the Yggdrasil service after each change to the configuration file.
Windows Firewall may prompt for the Yggdrasil process to allow incoming or outgoing connections. If so, you should allow this or Yggdrasil may not be able to establish peerings correctly.
Note that Yggdrasil, by default, does allow incoming traffic over the
Yggdrasil
virtual adapter, therefore you may wish to designate the Yggdrasil
virtual network adapter as a public network in the Windows Firewall so that
unexpected incoming connections are blocked automatically.
If you do, pay particular attention to ensure that file sharing (SMB), remote procedure call (RPC) or remote desktop (RDP) services are not allowed on public networks unless you explicitly need them to be accessible from remote Yggdrasil hosts.
The yggdrasilctl
utility is also installed into the same location above. You
can query Yggdrasil’s runtime state using this tool using a Command Prompt or
PowerShell command line, e.g.
"C:\Program Files\Yggdrasil\yggdrasilctl.exe" getPeers