Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#2731 - Wireguard interface mask settings #8516

Closed
openwrt-bot opened this issue Jan 12, 2020 · 4 comments
Closed

FS#2731 - Wireguard interface mask settings #8516

openwrt-bot opened this issue Jan 12, 2020 · 4 comments
Labels

Comments

@openwrt-bot
Copy link

yalexey:

Wireguard interface by default start with equal IP addresses on both ends of PvP connection and mask 255.255.255.255

That's prevent from routing and some package working. Even static routes don't resolve this issue totally.

I have to manually set network mask option in /etc/config/network to make bird4 work with this.

Mainteiners of luci said, protocols need to accept configuration in address/cidr or address/mask format from web configuration utility. So netmask field in luci is unavailable.

But wireguard oblivious don't.

@openwrt-bot
Copy link
Author

yalexey:

You can see dialogue here

@openwrt-bot
Copy link
Author

jow-:

So what is wrong with option addresses a.b.c.d/24 ? What configuration did you try, what was wrong about it? What was the expected outcome instead? How did you add the netmask parameter and where? The wireguard.sh proto handler does not implement option netmask so you surely must have done something different then.

@openwrt-bot
Copy link
Author

yalexey:

This is standard configuration of WG interface:

WG0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.160.2 P-t-P:192.168.160.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MTU:1420 Metric:1 RX packets:620 errors:0 dropped:0 overruns:0 frame:0 TX packets:683 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:350740 (342.5 KiB) TX bytes:77324 (75.5 KiB)

It's working, but not for all cases.

Maybe it is problem of bird4, but until I don't change interface mask to 255.255.255.0 manually, a new dynamic routes through 192.168.160.1 on other side of tunnel can't be created over this interface.

Any static routes don't change the problem. Not to mention that static routes for VPN connections are not a good idea.

@openwrt-bot
Copy link
Author

yalexey:

OK. I will describe it again in sequence.

  1. For ipv4 protocol mask /32 (or 255.255.255.255) means exactly one address. if it is an interface mask, then only one interface IP is available on this interface, and no other IP are available. That thing, any dynamic routing system purely arithmetically relates to the topic.

  2. If I specify CIDR with the address of the interface in the network configuration file or in the web form, this does not change the properties of the created interface. It's start with mask /32 anyway. I can change the interface mask only by directly setting a parameter===option netmask '255.255.255.0'===
    in the /etc/config/network configuration file. It follows that it is impossible to configure an interface in accordance with the standard requirements by the LuCI form.

  3. In the dialogue referenced above, the person told me that in the LuCI form there should not be a separate IP mask field for configuring the protocol. According to the internal rules accepted for openwrt.

  4. From what has been said follows that it is necessary to change the way that configuration data is interpreted on initializing the WG interface. That CIDR from the configuration of the interface must turned into an IP address and interface mask. And not just an address with a fixed mask of 255.255.255.255, as it goes now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant