https://bugs.kde.org/show_bug.cgi?id=403347
Bug ID: 403347
Summary: Wireguard connection with Table=off kills internet
Product: plasma-nm
Version: 5.14.90
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: jgrul...@redhat.com
Reporter: rokups...@gmail.com
Target Milestone: ---
I have wireguard connection with Table=off and some custom routes. Importing
this connection and connecting to it through plasma's network manager applet
kills internet connection. Connecting to very same connection through `wg-quick
up wg21` works as intended.
Server config:
[Interface]
Address = 10.21.0.1/24
Table = off
SaveConfig = true
ListenPort = 43283
PrivateKey = <...>
Client config:
[Interface]
Address = 10.21.0.10/32
ListenPort = 51821
PrivateKey = <...>
Table = off
PostUp = ip route add 10.20.0.100 dev wg21; ip route add 10.21.0.0/24 dev wg21
PreDown = ip route del 10.20.0.100 dev wg21; ip route del 10.21.0.0/24 dev wg21
[Peer]
PublicKey = <...>
AllowedIPs = 0.0.0.0/0
Endpoint = 178.63.54.79:43283
OBSERVED RESULT
Pinging 10.20.0.100 works as intended (it is a VM running on 10.21.0.1). Normal
internet access on client machine breaks (like opening pages in firefox).
EXPECTED RESULT
Pinging 10.20.0.100 and browsing internet should both work. Client does not
route all of it's traffic through this vpn connection.
SOFTWARE/OS VERSIONS
Linux/KDE Plasma: archlinux kde-unstable packages
(available in About System)
KDE Plasma: 5.14.90
KDE Frameworks 5.54.0
Qt 5.12.0 (built against 5.12.0)
ADDITIONAL INFORMATION
Route tables:
No wireguard VPN connected
~ % ip route
default via 10.32.60.1 dev tun0 proto static metric 50
default via 192.168.1.254 dev eno1 proto dhcp metric 20100
10.32.60.0/24 dev tun0 proto kernel scope link src 10.32.60.101 metric 50
46.19.137.115 via 192.168.1.254 dev eno1 proto static metric 100
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.100 metric 100
192.168.1.254 dev eno1 proto static scope link metric 100
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
192.168.123.0/24 dev virbr1 proto kernel scope link src 192.168.123.1 linkdown
Wireguard VPN through plasma-nm (internet does not work)
~ % ip route
default via 10.32.60.1 dev tun0 proto static metric 50
default via 192.168.1.254 dev eno1 proto dhcp metric 20100
10.21.0.10 dev wg21 proto kernel scope link src 10.21.0.10 metric 50
10.32.60.0/24 dev tun0 proto kernel scope link src 10.32.60.101 metric 50
46.19.137.115 via 192.168.1.254 dev eno1 proto static metric 100
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.100 metric 100
192.168.1.254 dev eno1 proto static scope link metric 100
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
192.168.123.0/24 dev virbr1 proto kernel scope link src 192.168.123.1 linkdown
Wireguard VPN through wg-quick (internet works)
~ % ip route
default via 10.32.60.1 dev tun0 proto static metric 50
default via 192.168.1.254 dev eno1 proto dhcp metric 20100
10.20.0.100 dev wg21 scope link
10.21.0.0/24 dev wg21 scope link
10.32.60.0/24 dev tun0 proto kernel scope link src 10.32.60.101 metric 50
46.19.137.115 via 192.168.1.254 dev eno1 proto static metric 100
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.100 metric 100
192.168.1.254 dev eno1 proto static scope link metric 100
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
192.168.123.0/24 dev virbr1 proto kernel scope link src 192.168.123.1 linkdown
It is not entirely clear to me what is going on here. Even though route table
says route to 10.20.0.100 is missing - i can ping it. Doing naive thing and
adding that route manually does not fix internet of course. No unexpected
default route is added either so i have no idea what is going on.
I also verified imported connection in plasma-nm UI. All configuration options
specified in imported wg21.conf are present in UI.
--
You are receiving this mail because:
You are watching all bug changes.
