Hi all,
  I'm trying to give my wireguard peer a global IPv4 and IPv6.
The IPv6 is working fine, but the IPv4 doesn't work.

My VPS host (frantech) has provided me with two IPv4s,
198.98.53.194 (main IP through dhcp) and 198.98.61.217
which I can get on my vio0 interface with the configuration

/etc/hostname.vio0:

inet autoconf
inet alias 198.98.61.217 255.255.255.0 198.98.61.1
inet6 alias 2605:6400:10:c0::6942 48
inet6 alias 2605:6400:819e::6942 48
!route -n add -inet6 default 2605:6400:10::1


The above configuration works nicely if I want my VPS to get
both the IPs. But I want the 198.98.61.217 to go to my wireguard
peer. So I commented out the second line to get

inet autoconf
#inet alias 198.98.61.217 255.255.255.0 198.98.61.1
inet6 alias 2605:6400:10:c0::6942 48
inet6 alias 2605:6400:819e::6942 48
!route -n add -inet6 default 2605:6400:10::1

and in my wireguard config I have

/etc/hostname.wg0:

inet 10.42.69.1 255.255.255.255 10.42.69.1
inet6 alias 2605:6400:819e:4269:ffff::4269 80
mtu 1420

wgkey <key> wgport 6969
wgpeer <pubkey> wgpsk <pskey> wgaip 198.98.61.217/32 wgaip 2605:6400:819e:4269:ffff::1/80

up

!route -n add -inet 198.98.61.217/32 -iface 10.42.69.1
!route -n add -inet6 2605:6400:819e:4269:ffff::/80 -iface 2605:6400:819e:4269:ffff::4269

After starting both the interfaces and the wireguard interface on the peer,
I am able to ping the peer's global IPv6 from a different VPS on vultr, but not the IPv4. I am able to ping the peer's IPv4 from the frantech VPS,
but I assume that is because I have a route set up.

So for this I tried adding an arp proxy entry, but that gives an error

$ arp -n -s 198.98.61.217 $(ifconfig vio0 | grep lladdr | awk '{print $2; }') pub
set: proxy entry exists for non 802 device

Now I tried to do weirder things: (1) I destroyed the wg0 interface, (2) added the arp entry, (3) deleted the arp entry, (4) started the wg0 interface - and now I can ping the IPv4 from outside!!!???? But this only stays for ~10-15 minutes, after which it again stops working??

$ ifconfig wg0 destroy
$ arp -n -s 198.98.61.217 $(ifconfig vio0 | grep lladdr | awk '{print $2; }') pub
$ arp -n -d 198.98.61.217
$ sh /etc/netstart wg0

Has anyone tried to get something like this to work?
I don't get why it works for a while and then suddenly stops working!?
At least the fact that it is working for a while means it should be possible to do this, but my networking knowledge falls short. Maybe I'm missing something obvious, so I'd appreciate the help.

Thanks!
Aisha
