https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253790
Bug ID: 253790
Summary: if_wg(4) lacks persistent keepalive
Product: Base System
Version: 13.0-STABLE
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: b...@freebsd.org
Reporter: cr...@rlwinm.de
I have to run a WireGuard tunnel through a NAT and the tunnel is used for
bursty traffic and without the keepalives supported by wireguard-go, OpenBSD
and Linux the NAT state times out between bursts.
I've found no way to configure a persistent keepalive interval on FreeBSD
13.0-BETA3 and from a quick glance at the ifconfig and if_wg sources it appears
this feature is missing. If I configure a keepalive interval at the other end
of the tunnel the key exchange fails.
The only workaround for this is to generate traffic at all times to keep the
tunnel open e.g. while true; ping -c1 $peer_internal; sleep 10; done
One of the really nice things about WireGuard is the interoperability between
all existing implementations. This limitation is the first incompatibility
between implementations I've encountered.
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
