New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FS#3653 - wireguard is not working - not sending any packets #8688
Comments
cryobry: //allowed ips: 10.10.10.0/24// Are you testing from this subnet? Perhaps your network layout has changed w/ the version upgrade? Do you have software flow offloading enabled? Try disabling it and retesting. |
piontec: Yes, I have an IP from the same subnet and the src IP is chosen correctly in the routing process. I'm not sure about the software flow offloading - how can I check and change it? |
piontec: OK, found it. I've checked with both software flow offloading on and off - no difference. |
cryobry: Are you sure that the wan interface is up? Try restarting it. You can use pbr or a vlan to bypass the tunnel for testing, if necessary. I've found that it's sometimes necessary to restart the wan interface(s) after adding a new interface. |
piontec: Thanks for the suggestions, but I'm sure wan is up, I'm using it to write this response and I've verified with tcpdump that packets created with netcat with UDP and the same port number successfully leave my openwrt router and reach tunnel gateway. I tried restarting wan, but still no luck :( |
piontec: I rolled back to firmware "OpenWrt 19.07.4 r11208-ce6496d796 / LuCI openwrt-19.07 branch git-20.247.75781-0d0ab01" built by https://github.com/araujorm/openwrt/releases/ and my wireguard just works - no config changes. |
piontec:
I'm using 19.07.7 r11306-c4a6851c72 build on xiaomi mi router 4a gigabit, built by [[https://gitlab.com/db260179/xiaomi-m4a/-/releases|David Betham]] (it doesn't affect wireguard, I think).
The problem I'm having is that wireguard is completely not working: although the tunnel is configured, it never sends any traffic to the destination peer.
My wg config:
wg show
interface: wg0
public key: Kus59Dar/4ki3/IWM7UVn5uFFco79btQgH9CKCDERF8=
private key: (hidden)
listening port: 31833
peer: qEgo8fA/w9pXtBoQnB5/U/jNn30AFxloPV/owjxKj0A=
endpoint: 185.X.Y.Z:1195
allowed ips: 10.10.10.0/24
persistent keepalive: every 15 seconds
Now, I start
tcpdump -i any -f "udp and port 1195"
and ping the remote end tunnel, but not a single ping is returned nor I see a single packet captured by tcpdump. The same config and device were working on some unofficial 17.07.4 build I was using previously.
Kernel used:
uname -a
Linux coffee 4.14.221 #0 SMP Mon Feb 15 15:22:37 2021 mips GNU/Linux
My software versions are:
kmod-udptunnel4 - 4.14.221-1
kmod-udptunnel6 - 4.14.221-1
kmod-wireguard - 4.14.221+1.0.20200611-2
luci-app-wireguard - git-21.054.03371-3b137b5-1
luci-proto-wireguard - git-21.054.03371-3b137b5-1
wireguard - 1.0.20200611-2
wireguard-tools - 1.0.20191226-1
Please let me know how can I help investigate it further.
The text was updated successfully, but these errors were encountered: