* Maximum number of interfaces ?
@ 2017-01-03 8:52 Will van Gulik
2017-01-05 22:49 ` Maximum number of interfaces + Debug Will van Gulik
0 siblings, 1 reply; 7+ messages in thread
From: Will van Gulik @ 2017-01-03 8:52 UTC (permalink / raw)
To: wireguard
Hi,
I'm trying to use multiple wireguard tunnel in one VM at the same time, =
but it seems that only the first two I configured are working. I'm =
currently trying with 5 interfaces, I see the incoming packet in tcpdump =
but no reaction of the destination host with all the wg interfaces.
I'm not sure there is a limitation on that, I could totally have missed =
that. Should I use 1 interface with multiple peers rather than multiple =
interface ?
I'm testing that on a Debian with 4.8.7-1, running on a KVM host.
Any insight ?
Kind regards,
Will=
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Maximum number of interfaces + Debug
2017-01-03 8:52 Maximum number of interfaces ? Will van Gulik
@ 2017-01-05 22:49 ` Will van Gulik
2017-01-11 9:58 ` Baptiste Jonglez
2017-01-11 23:59 ` Jason A. Donenfeld
0 siblings, 2 replies; 7+ messages in thread
From: Will van Gulik @ 2017-01-05 22:49 UTC (permalink / raw)
To: wireguard
Hi Everyone,
I went a bit further and did compile the module with debug rather than =
using the repo's version, and I get a :
wireguard: Invalid packet from xxxx:yyy
in my dmesg. I would have hoped to get something more clear, but would a =
module version mismatch be an issue or does this mostly looks like a key =
issue ? I would be strange because I reissued them several times.
Any clue, ideas, else ?
Cheers,
Will
> On 03 Jan 2017, at 09:52, Will van Gulik <mailing-porcus@porcus.ch> =
wrote:
>=20
> Hi,
>=20
> I'm trying to use multiple wireguard tunnel in one VM at the same =
time, but it seems that only the first two I configured are working. I'm =
currently trying with 5 interfaces, I see the incoming packet in tcpdump =
but no reaction of the destination host with all the wg interfaces.
>=20
> I'm not sure there is a limitation on that, I could totally have =
missed that. Should I use 1 interface with multiple peers rather than =
multiple interface ?
>=20
> I'm testing that on a Debian with 4.8.7-1, running on a KVM host.
>=20
> Any insight ?
>=20
> Kind regards,
>=20
> Will
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Maximum number of interfaces + Debug
2017-01-05 22:49 ` Maximum number of interfaces + Debug Will van Gulik
@ 2017-01-11 9:58 ` Baptiste Jonglez
2017-01-11 21:49 ` Will van Gulik
2017-01-11 23:59 ` Jason A. Donenfeld
1 sibling, 1 reply; 7+ messages in thread
From: Baptiste Jonglez @ 2017-01-11 9:58 UTC (permalink / raw)
To: Will van Gulik; +Cc: wireguard
[-- Attachment #1: Type: text/plain, Size: 1696 bytes --]
Hi Will,
On Thu, Jan 05, 2017 at 11:49:03PM +0100, Will van Gulik wrote:
> Hi Everyone,
>
> I went a bit further and did compile the module with debug rather than using the repo's version, and I get a :
> wireguard: Invalid packet from xxxx:yyy
> in my dmesg. I would have hoped to get something more clear, but would a module version mismatch be an issue or does this mostly looks like a key issue ? I would be strange because I reissued them several times.
There have been backwards-incompatible changes recently: can you make sure
that you use the exact same wireguard version on all peers?
> Any clue, ideas, else ?
>
> Cheers,
>
> Will
>
> > On 03 Jan 2017, at 09:52, Will van Gulik <mailing-porcus@porcus.ch> wrote:
> >
> > Hi,
> >
> > I'm trying to use multiple wireguard tunnel in one VM at the same time, but it seems that only the first two I configured are working. I'm currently trying with 5 interfaces, I see the incoming packet in tcpdump but no reaction of the destination host with all the wg interfaces.
> >
> > I'm not sure there is a limitation on that, I could totally have missed that. Should I use 1 interface with multiple peers rather than multiple interface ?
> >
> > I'm testing that on a Debian with 4.8.7-1, running on a KVM host.
> >
> > Any insight ?
> >
> > Kind regards,
> >
> > Will
> > _______________________________________________
> > WireGuard mailing list
> > WireGuard@lists.zx2c4.com
> > https://lists.zx2c4.com/mailman/listinfo/wireguard
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Maximum number of interfaces + Debug
2017-01-11 9:58 ` Baptiste Jonglez
@ 2017-01-11 21:49 ` Will van Gulik
2017-01-11 23:57 ` Baptiste Jonglez
0 siblings, 1 reply; 7+ messages in thread
From: Will van Gulik @ 2017-01-11 21:49 UTC (permalink / raw)
To: wireguard
[-- Attachment #1: Type: text/plain, Size: 1958 bytes --]
Hi Baptiste,
> On 11 Jan 2017, at 10:58, Baptiste Jonglez <baptiste@bitsofnetworks.org> wrote:
>
> Hi Will,
>
>
> There have been backwards-incompatible changes recently: can you make sure
> that you use the exact same wireguard version on all peers?
I was using the same version (Debian package 0.0.20161230-1 from Unstable). However my bug occured between the package version and the compiled version from 0.0.20170105 . So I'll retry with both same kernel modules. Because at least for that try, I have a mismatch. But for my previous experiments all the version were the same.
Additional question, is it better to use one interface with a big subnet and multiple remote peers or an interface by peer with a /30 or a /31 ?
Cheers,
Will
>
>> Any clue, ideas, else ?
>>
>> Cheers,
>>
>> Will
>>
>>> On 03 Jan 2017, at 09:52, Will van Gulik <mailing-porcus@porcus.ch> wrote:
>>>
>>> Hi,
>>>
>>> I'm trying to use multiple wireguard tunnel in one VM at the same time, but it seems that only the first two I configured are working. I'm currently trying with 5 interfaces, I see the incoming packet in tcpdump but no reaction of the destination host with all the wg interfaces.
>>>
>>> I'm not sure there is a limitation on that, I could totally have missed that. Should I use 1 interface with multiple peers rather than multiple interface ?
>>>
>>> I'm testing that on a Debian with 4.8.7-1, running on a KVM host.
>>>
>>> Any insight ?
>>>
>>> Kind regards,
>>>
>>> Will
>>> _______________________________________________
>>> WireGuard mailing list
>>> WireGuard@lists.zx2c4.com
>>> https://lists.zx2c4.com/mailman/listinfo/wireguard
>>
>> _______________________________________________
>> WireGuard mailing list
>> WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
>> https://lists.zx2c4.com/mailman/listinfo/wireguard <https://lists.zx2c4.com/mailman/listinfo/wireguard>
[-- Attachment #2: Type: text/html, Size: 6061 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Maximum number of interfaces + Debug
2017-01-11 21:49 ` Will van Gulik
@ 2017-01-11 23:57 ` Baptiste Jonglez
0 siblings, 0 replies; 7+ messages in thread
From: Baptiste Jonglez @ 2017-01-11 23:57 UTC (permalink / raw)
To: Will van Gulik; +Cc: wireguard
[-- Attachment #1: Type: text/plain, Size: 2373 bytes --]
On Wed, Jan 11, 2017 at 10:49:26PM +0100, Will van Gulik wrote:
> Hi Baptiste,
>
> > On 11 Jan 2017, at 10:58, Baptiste Jonglez <baptiste@bitsofnetworks.org> wrote:
> >
> > Hi Will,
> >
> >
> > There have been backwards-incompatible changes recently: can you make sure
> > that you use the exact same wireguard version on all peers?
>
> I was using the same version (Debian package 0.0.20161230-1 from
> Unstable). However my bug occured between the package version and the
> compiled version from 0.0.20170105 . So I'll retry with both same kernel
> modules. Because at least for that try, I have a mismatch. But for my
> previous experiments all the version were the same.
Ok then, I don't know what the issue might be.
> Additional question, is it better to use one interface with a big subnet
> and multiple remote peers or an interface by peer with a /30 or a /31 ?
It depends on your use-case. As far as I remember, you were using OSPF on
top of Wireguard, weren't you? In that case, you are forced to use one
interface per peer (with AllowedIPs = ::/0 on each interface).
Baptiste
> >> Any clue, ideas, else ?
> >>
> >> Cheers,
> >>
> >> Will
> >>
> >>> On 03 Jan 2017, at 09:52, Will van Gulik <mailing-porcus@porcus.ch> wrote:
> >>>
> >>> Hi,
> >>>
> >>> I'm trying to use multiple wireguard tunnel in one VM at the same time, but it seems that only the first two I configured are working. I'm currently trying with 5 interfaces, I see the incoming packet in tcpdump but no reaction of the destination host with all the wg interfaces.
> >>>
> >>> I'm not sure there is a limitation on that, I could totally have missed that. Should I use 1 interface with multiple peers rather than multiple interface ?
> >>>
> >>> I'm testing that on a Debian with 4.8.7-1, running on a KVM host.
> >>>
> >>> Any insight ?
> >>>
> >>> Kind regards,
> >>>
> >>> Will
> >>> _______________________________________________
> >>> WireGuard mailing list
> >>> WireGuard@lists.zx2c4.com
> >>> https://lists.zx2c4.com/mailman/listinfo/wireguard
> >>
> >> _______________________________________________
> >> WireGuard mailing list
> >> WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
> >> https://lists.zx2c4.com/mailman/listinfo/wireguard <https://lists.zx2c4.com/mailman/listinfo/wireguard>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Maximum number of interfaces + Debug
2017-01-05 22:49 ` Maximum number of interfaces + Debug Will van Gulik
2017-01-11 9:58 ` Baptiste Jonglez
@ 2017-01-11 23:59 ` Jason A. Donenfeld
2017-01-12 8:11 ` Will van Gulik
1 sibling, 1 reply; 7+ messages in thread
From: Jason A. Donenfeld @ 2017-01-11 23:59 UTC (permalink / raw)
To: Will van Gulik; +Cc: WireGuard mailing list
Send pcaps!
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Maximum number of interfaces + Debug
2017-01-11 23:59 ` Jason A. Donenfeld
@ 2017-01-12 8:11 ` Will van Gulik
0 siblings, 0 replies; 7+ messages in thread
From: Will van Gulik @ 2017-01-12 8:11 UTC (permalink / raw)
To: Jason A. Donenfeld; +Cc: WireGuard mailing list
I'll do my tests again with kernel modules and will do pcaps too ;)
Thanks !
> On 12 Jan 2017, at 00:59, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> Send pcaps!
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2017-01-12 8:02 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-01-03 8:52 Maximum number of interfaces ? Will van Gulik
2017-01-05 22:49 ` Maximum number of interfaces + Debug Will van Gulik
2017-01-11 9:58 ` Baptiste Jonglez
2017-01-11 21:49 ` Will van Gulik
2017-01-11 23:57 ` Baptiste Jonglez
2017-01-11 23:59 ` Jason A. Donenfeld
2017-01-12 8:11 ` Will van Gulik
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).