From: wireguard@meta-cti.com.br
To: wireguard@lists.zx2c4.com
Subject: Issues using multiple interfaces between two servers
Date: Tue, 22 Dec 2020 12:57:35 -0300 [thread overview]
Message-ID: <59a75f976f451cf4709fde65d1e308c4.squirrel@www.meta-cti.com.br> (raw)
Hello guys, I'm having problems with my wireguard setup and I don't know
how to solve it. I have two computers running linux in remote locations.
One, which I will call computer A, is in a data center where we advertise
a block of IPs using BGP. The other computer is in a different location
and has two links connecting to the internet and with different providers.
I configured on computer A two wireguard tunnels with different keys and
ports. On computer B I did the same and added two routing tables, one for
each WAN interface and using the ip rule I created rules with destination
on two different IPs of computer A so that they leave through different
links.
As soon as I start the wireguard interfaces of both computers everything
works normally and I can ping both addresses from both tunnels. Then I use
the bird with OSPF and ECMP to take a subnet from the block that is
advertised on computer A to computer B. Everything works normally.
When I execute the wg command on computers A and B, I can see both IPs of
computer B's WAN interfaces in the tunnel's "peer" fields, one from each
remote WAN.
After some time working, it can vary from minutes to a few hours, suddenly
I see that both tunnels started to work on a single WAN interface of
computers A and B. If at this moment I execute the wg command on computer
A, I see that now the "peers" have the same address as only one of the WAN
interfaces of computers A and B, even with the routing rule forcing
packets to go out through different interfaces. Has anyone experienced a
similar problem and knows how it can be solved?
When I run the traceroute command on both computers A and B with the
destination address in the remote computer's WAN IPs, they actually come
out through the correct interface.
next reply other threads:[~2020-12-23 18:13 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-22 15:57 wireguard [this message]
2020-12-27 21:31 ` Ivan Labáth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=59a75f976f451cf4709fde65d1e308c4.squirrel@www.meta-cti.com.br \
--to=wireguard@meta-cti.com.br \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).