On 2018-05-03 15:37, chrono wrote:
$ wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip address add 172.23.3.2/29 dev wg0
[#] ip link set mtu 1420 dev wg0
[#] ip link set wg0 up
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 tabl
That may also indicate an AllowedIP issue, if I'm not mistaken?
Yes, that seems like a wireguard issue. Perhaps wireguard has problems
with multicast dst because it does not know which key to use? Just
guessing, I do not know wireguard.
Possible workaround would be to configure OSPF on that iface
You need to set AllowedIPs to 0.0.0.0/0 on both sides. That way
wireguard will pass all traffic through (that only works for p2p links
with only two peers, obviously). In your current setup, wireguard won't
pass the OSPF multicast traffic, so you will see no neighbour
associations. And even if you
Also I saw that your config files do not have the 'log' option, so you have
no logging. You should enable logging and see if there are no error
messages.
Ah, interesting:
2018-05-03 15:37:32 MyOSPF: HELLO packet sent via wg0
2018-05-03 15:37:32 MyOSPF: Socket error on wg0: Required key not avail
PtP should be correct, but it is possible that as wireguard is a new
thing, it has broken multicast handling. Generally, PtP tunnels should
have no problems to use multicast - just send everything to the other side.
But as the tcpdump on one side shows periodic hellos from both sides,
then it is
[ ... ]
Just to be sure that wireguard is not the problem here, how do your
AllowedIPs look within the wireguard config?
Maybe it does not allow traffic of the routers?
That may be so, currently I only have each opposite site in there
AllowedIPs = 172.23.3.1/32 (on 172.23.3.2)
AllowedIPs = 172.
Hi Ondrej,
thanks for the quick reply.
What makes me wonder is why wg0 is coming up as stubnet here,
while the MPLS links come up as network (stubnet 172.23.3.0/29 metric 10)
and 172.23.3.0/29 (wg0 net) not being listed.
You don't see 172.23.3.0/29 as network, because these ifaces are
conf
Ahoy all,
I'm struggling a little to set wireguard as a fallback link
in conjunction with two MPLS links. In my tests BIRD would
not route traffic through wg0 when I took the other two
interfaces down. The setup is rather simple, two DCs, each
side has a gw running BIRD.
Config DC1
ro
eally no working ECMP support
for bird on FreeBSD yet? If not, is there some sort of bounty
possibility? I could check with my company if they're open to
it (since we really need it) - if that could help bring that
feature forward.
--
chrono