Freebsd Wireguard-go behavior

Freebsd Wireguard-go behavior

[Peter Libassi]

[-- Attachment #1.1: Type: text/plain, Size: 1520 bytes --]

Hi,

I’ve been using wireguard as a peer-to-peer VPN on linux for many years now (thanks Jason!) 
Recently I’ve been using wireguard-go on Freebsd. I noticed that there are a difference.

I used to add an IP address to the wg interface on both sides, which is a good starting point to verify that I got the VPN up and running. Ping responses on both local and remote IP address tells me everything is ok.

However on Freebsd ( wireguard version 1.0.20200121 ) with same config, local ping does not respond?!, remote works from either side but not local ping on the wg interface IP address.

I verified Freebsd behavior by creating a tun interface with ifconfig, added an IP address and that local IP address responds to ping...

I actually get two different scenarios, either no ping response or a response that the ping packet where sent trough the tunnel and bounced back:

root@bsd1:~ # ping 192.168.9.1
PING 192.168.9.1 (192.168.9.1): 56 data bytes
92 bytes from 192.168.9.2: Redirect Host(New addr: 192.168.9.1)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 cdcd   0 0000  40  01 1989 192.168.9.1  192.168.9.1 

64 bytes from 192.168.9.1: icmp_seq=0 ttl=63 time=4.401 ms
92 bytes from 192.168.9.2: Redirect Host(New addr: 192.168.9.1)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 21c7   0 0000  40  01 c58f 192.168.9.1  192.168.9.1 

I’m confused.  Is this expected behavior? Can someone please explain.

Thanks
Peter



[-- Attachment #1.2: Type: text/html, Size: 4673 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard