Development discussion of WireGuard
 help / color / mirror / Atom feed
From: Chris <wireguard@spam-free.eu>
To: wireguard@lists.zx2c4.com
Subject: Re: wg-quick up (on linux) fails in case of several default routes
Date: Tue, 6 Oct 2020 15:33:29 +0200	[thread overview]
Message-ID: <79a4e995-763c-9724-02b7-81da87c0f88a@spam-free.eu> (raw)
In-Reply-To: <CAHmME9qUWGbuSasA+xxoJO+ycog9+S6TPW9aPF8fFDkgaQDP3g@mail.gmail.com>

Hello Jason,

setup is
two default routes with diffenrent metrics (the second being the failover in 
case the lower metric connection goes down).
For good reasons wg-quick will setup an individual route to the wg server (for 
the possibility of changing th default route afterwards).
However wg-quick fails:

******log follows***********
wg-quick up wg_client
[#] ip link add wg_client type wireguard
[#] wg setconf wg_client /dev/fd/63
[#] ip -4 address add 10.0.129.200/24 dev wg_client
[#] ip link set mtu 1420 up dev wg_client
[#] GATEW=$(ip route list 0.0.0.0/0|sed -n 's/.* via \(.*\) dev.*/\1/p');route 
add s1.spam-free.eu gw $GATEW
SIOCADDRT: No such device
[#] ip link delete dev wg_client
******log  end  ***********

The point is, that GATEW is NOT a single address but rather a list of ip 
addresses and the command setting the route fails.

Instead one should always run through ALL default gateways and set individual 
routes to the server through ALL the default gateways with the same metric as 
the respective default route.
This will then also work in case the failover route is in operation.

Of course, tearing down the client should delete ALL individual routes to the 
server.
Hope this clarifies is a bit.

Cheers,
Chris

On 06/10/2020 14:20, Jason A. Donenfeld wrote:
> On Mon, Oct 5, 2020 at 3:51 PM Chris <wireguard@spam-free.eu> wrote:
>> wg-quick tries to set the route to the wg server through the default gateway.
> On Linux? It shouldn't be iterating default gateways at all, but
> rather using suppress_prefix. Can you provide more technical
> information about what you're seeing and maybe a patch to fix the
> issue?
>
> Jason



  reply	other threads:[~2020-10-06 13:33 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <mailman.0.1601114111.20018.wireguard@lists.zx2c4.com>
2020-09-26 10:40 ` lineageos 17.1after autostart on boot tunnel not functioning Chris
2020-10-01 14:42   ` Chris
2021-07-14  5:49   ` Android: more than one tunnel Chris
2021-07-14  9:06     ` Simon McNair
2021-07-14 22:09     ` Eric Light
2021-07-14 23:55       ` iiiiiiiiiiii
2021-07-15  6:25       ` Chris
2020-10-01 15:24 ` lineageos 17.1 no incoming Chris
2020-10-05 13:51 ` wg-quick up (on linux) fails in case of several default routes Chris
2020-10-06 12:20   ` Jason A. Donenfeld
2020-10-06 13:33     ` Chris [this message]
2020-10-06 13:47       ` Jason A. Donenfeld
2020-10-06 13:54         ` Chris
2020-10-06 13:58           ` Jason A. Donenfeld
2020-10-06 17:51             ` Chris

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=79a4e995-763c-9724-02b7-81da87c0f88a@spam-free.eu \
    --to=wireguard@spam-free.eu \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).