* [PATCH] wg-quick: replace ip route add with ip route append
@ 2024-01-17 21:01 Til Kaiser
0 siblings, 0 replies; 2+ messages in thread
From: Til Kaiser @ 2024-01-17 21:01 UTC (permalink / raw)
To: wireguard; +Cc: Til Kaiser
Adding a WireGuard interface with an IPv6 link-local address
isn't possible when there is a route for another interface
with the same IPv6 prefix length on the system, assuming that
the "ip route add" command chooses the same metric value.
The Manpage of ip-route states: "With IPv6, further nexthops
may be appended to the same route via 'ip route append' command."
So this patch replaces all occurrences of "ip route add"
with "ip route append."
Steps to reproduce:
$ ip link add ip6-test-if type dummy
$ ip address add fe80::2/64 dev ip6-test-if
$ ip link set ip6-test-if up
$ ip -6 route flush dev ip6-test-if
$ ip -6 route add fe80::/64 dev ip6-test-if
$ wg-quick up ip6-test-wg
[#] ip link add ip6-test-wg type wireguard
[#] wg setconf ip6-test-wg /dev/fd/63
[#] ip -6 address add fe80::3/128 dev ip6-test-wg
[#] ip link set mtu 1420 up dev ip6-test-wg
[#] ip -6 route add fe80::/64 dev ip6-test-wg
RTNETLINK answers: File exists
[#] ip link delete dev ip6-test-wg
/etc/wireguard/ip6-test-wg.conf:
[Interface]
Address = fe80::3/128
...
[Peer]
AllowedIPs = fe80::/64
...
Signed-off-by: Til Kaiser <mail@tk154.de>
---
src/wg-quick/linux.bash | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/wg-quick/linux.bash b/src/wg-quick/linux.bash
index 4193ce5..f324762 100755
--- a/src/wg-quick/linux.bash
+++ b/src/wg-quick/linux.bash
@@ -170,11 +170,11 @@ add_route() {
[[ $TABLE != off ]] || return 0
if [[ -n $TABLE && $TABLE != auto ]]; then
- cmd ip $proto route add "$1" dev "$INTERFACE" table "$TABLE"
+ cmd ip $proto route append "$1" dev "$INTERFACE" table "$TABLE"
elif [[ $1 == */0 ]]; then
add_default "$1"
else
- [[ -n $(ip $proto route show dev "$INTERFACE" match "$1" 2>/dev/null) ]] || cmd ip $proto route add "$1" dev "$INTERFACE"
+ [[ -n $(ip $proto route show dev "$INTERFACE" match "$1" 2>/dev/null) ]] || cmd ip $proto route append "$1" dev "$INTERFACE"
fi
}
@@ -222,7 +222,7 @@ add_default() {
[[ $1 == *:* ]] && proto=-6 iptables=ip6tables pf=ip6
cmd ip $proto rule add not fwmark $table table $table
cmd ip $proto rule add table main suppress_prefixlength 0
- cmd ip $proto route add "$1" dev "$INTERFACE" table $table
+ cmd ip $proto route append "$1" dev "$INTERFACE" table $table
local marker="-m comment --comment \"wg-quick(8) rule for $INTERFACE\"" restore=$'*raw\n' nftable="wg-quick-$INTERFACE" nftcmd
printf -v nftcmd '%sadd table %s %s\n' "$nftcmd" "$pf" "$nftable"
--
2.40.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [PATCH] wg-quick: replace ip route add with ip route append
@ 2024-01-26 18:37 Til Kaiser
0 siblings, 0 replies; 2+ messages in thread
From: Til Kaiser @ 2024-01-26 18:37 UTC (permalink / raw)
To: wireguard; +Cc: Til Kaiser
Adding a WireGuard interface with an IPv6 link-local address
isn't possible when there is a route for another interface
with the same IPv6 prefix length on the system, assuming that
the "ip route add" command chooses the same metric value.
The Manpage of ip-route states: "With IPv6, further nexthops
may be appended to the same route via 'ip route append' command."
So this patch replaces all occurrences of "ip route add"
with "ip route append."
Steps to reproduce:
$ ip link add ip6-test-if type dummy
$ ip address add fe80::2/64 dev ip6-test-if
$ ip link set ip6-test-if up
$ ip -6 route flush dev ip6-test-if
$ ip -6 route add fe80::/64 dev ip6-test-if
$ wg-quick up ip6-test-wg
[#] ip link add ip6-test-wg type wireguard
[#] wg setconf ip6-test-wg /dev/fd/63
[#] ip -6 address add fe80::3/128 dev ip6-test-wg
[#] ip link set mtu 1420 up dev ip6-test-wg
[#] ip -6 route add fe80::/64 dev ip6-test-wg
RTNETLINK answers: File exists
[#] ip link delete dev ip6-test-wg
/etc/wireguard/ip6-test-wg.conf:
[Interface]
Address = fe80::3/128
...
[Peer]
AllowedIPs = fe80::/64
...
Signed-off-by: Til Kaiser <mail@tk154.de>
---
src/wg-quick/linux.bash | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/wg-quick/linux.bash b/src/wg-quick/linux.bash
index 4193ce5..f324762 100755
--- a/src/wg-quick/linux.bash
+++ b/src/wg-quick/linux.bash
@@ -170,11 +170,11 @@ add_route() {
[[ $TABLE != off ]] || return 0
if [[ -n $TABLE && $TABLE != auto ]]; then
- cmd ip $proto route add "$1" dev "$INTERFACE" table "$TABLE"
+ cmd ip $proto route append "$1" dev "$INTERFACE" table "$TABLE"
elif [[ $1 == */0 ]]; then
add_default "$1"
else
- [[ -n $(ip $proto route show dev "$INTERFACE" match "$1" 2>/dev/null) ]] || cmd ip $proto route add "$1" dev "$INTERFACE"
+ [[ -n $(ip $proto route show dev "$INTERFACE" match "$1" 2>/dev/null) ]] || cmd ip $proto route append "$1" dev "$INTERFACE"
fi
}
@@ -222,7 +222,7 @@ add_default() {
[[ $1 == *:* ]] && proto=-6 iptables=ip6tables pf=ip6
cmd ip $proto rule add not fwmark $table table $table
cmd ip $proto rule add table main suppress_prefixlength 0
- cmd ip $proto route add "$1" dev "$INTERFACE" table $table
+ cmd ip $proto route append "$1" dev "$INTERFACE" table $table
local marker="-m comment --comment \"wg-quick(8) rule for $INTERFACE\"" restore=$'*raw\n' nftable="wg-quick-$INTERFACE" nftcmd
printf -v nftcmd '%sadd table %s %s\n' "$nftcmd" "$pf" "$nftable"
--
2.40.1
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-11-18 14:13 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-01-17 21:01 [PATCH] wg-quick: replace ip route add with ip route append Til Kaiser
2024-01-26 18:37 Til Kaiser
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).