Development discussion of WireGuard
 help / color / mirror / Atom feed
From: Wang Jian <larkwang@gmail.com>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: soft lockup - may be related to wireguard (backported)
Date: Mon, 4 May 2020 20:49:57 +0800	[thread overview]
Message-ID: <CAF75rJAh8xA3-=nk+gTpvULMD-xC41ukEatW=JyowaZHfiOzQg@mail.gmail.com> (raw)
In-Reply-To: <CAHmME9oNus499EVFHVfLNjbOhU+vOV4P7R7USCm1ycNH2e0apA@mail.gmail.com>

Jason A. Donenfeld <Jason@zx2c4.com> 于2020年5月4日周一 下午1:26写道:
>
> Are you routing wireguard over wireguard, or something interesting like that?
>
> Is ipsec being used?

I don't think I have any fancy use cases. But wireguard over pppoe?

Other details are
- nftable's iptables compatible mode is used, along with ipset
- pppoe link is default route, and wg-quick is configured to install
additional default route into new created routing table (2000)
- ipset matches are used to MARK traffic to specific destinations in
mangle table, PREROUTING & OUTPUT, for both v4 and v6
- ip rules are added to match the fwmark and lookup new routing table
(2000, so go out via wireguard interface) for forwarded traffic and
output traffic

Here is the list of loaded kmod.

# lsmod
Module                  Size  Used by
pppoe                  20480  2
pppox                  16384  1 pppoe
ppp_generic            49152  6 pppox,pppoe
slhc                   20480  1 ppp_generic
wireguard              94208  0
curve25519_x86_64      49152  1 wireguard
libcurve25519          49152  2 curve25519_x86_64,wireguard
libchacha20poly1305    16384  1 wireguard
chacha_x86_64          28672  1 libchacha20poly1305
poly1305_x86_64        28672  1 libchacha20poly1305
ip6_udp_tunnel         16384  1 wireguard
udp_tunnel             16384  1 wireguard
libblake2s             16384  1 wireguard
blake2s_x86_64         20480  1 libblake2s
libblake2s_generic     20480  1 blake2s_x86_64
libchacha              16384  1 chacha_x86_64
cfg80211              839680  0
rfkill                 28672  1 cfg80211
8021q                  40960  0
garp                   16384  1 8021q
stp                    16384  1 garp
mrp                    20480  1 8021q
llc                    16384  2 stp,garp
xt_mark                16384  4
xt_set                 16384  4
nft_chain_nat          16384  8
xt_MASQUERADE          20480  3
xt_TCPMSS              16384  5
xt_nat                 16384  2
nf_nat                 53248  3 xt_nat,nft_chain_nat,xt_MASQUERADE
nft_counter            16384  25
xt_tcpudp              20480  7
ipt_REJECT             16384  3
nf_reject_ipv4         16384  1 ipt_REJECT
xt_state               16384  0
xt_conntrack           16384  4
xt_multiport           20480  2
nft_compat             20480  34
nf_tables             176128  93 nft_compat,nft_counter,nft_chain_nat
ip_set_hash_ip         45056  2
ip_set_hash_net        53248  3
ip_set                 57344  3 ip_set_hash_ip,xt_set,ip_set_hash_net
nfnetlink              16384  4 nft_compat,nf_tables,ip_set
binfmt_misc            24576  1
intel_powerclamp       20480  0
nls_ascii              16384  1
coretemp               20480  0
snd_hda_codec_realtek   126976  1
nls_cp437              20480  1
vfat                   20480  1
snd_hda_codec_generic    94208  1 snd_hda_codec_realtek
fat                    86016  1 vfat
ledtrig_audio          16384  2 snd_hda_codec_generic,snd_hda_codec_realtek
snd_hda_codec_hdmi     73728  1
snd_hda_intel          53248  0
snd_intel_dspcfg       24576  1 snd_hda_intel
snd_hda_codec         163840  4
snd_hda_codec_generic,snd_hda_codec_hdmi,snd_hda_intel,snd_hda_codec_realtek
evdev                  28672  3
gma500_gfx            221184  1
efi_pstore             16384  0
snd_hda_core          102400  5
snd_hda_codec_generic,snd_hda_codec_hdmi,snd_hda_intel,snd_hda_codec,snd_hda_codec_realtek
snd_hwdep              16384  1 snd_hda_codec
snd_pcm               131072  4
snd_hda_codec_hdmi,snd_hda_intel,snd_hda_codec,snd_hda_core
drm_kms_helper        233472  1 gma500_gfx
pcspkr                 16384  0
efivars                20480  1 efi_pstore
snd_timer              40960  1 snd_pcm
iTCO_wdt               16384  0
snd                   106496  8
snd_hda_codec_generic,snd_hda_codec_hdmi,snd_hwdep,snd_hda_intel,snd_hda_codec,snd_hda_codec_realtek,snd_timer,snd_pcm
sg                     36864  0
iTCO_vendor_support    16384  1 iTCO_wdt
soundcore              16384  1 snd
i2c_algo_bit           16384  1 gma500_gfx
watchdog               28672  1 iTCO_wdt
acpi_cpufreq           28672  1
button                 24576  0
tcp_bbr                20480  36
sch_cake               32768  3
nf_conntrack          172032  5
xt_conntrack,nf_nat,xt_state,xt_nat,xt_MASQUERADE
nf_defrag_ipv6         24576  1 nf_conntrack
nf_defrag_ipv4         16384  1 nf_conntrack
loop                   40960  0
drm                   585728  3 drm_kms_helper,gma500_gfx
efivarfs               16384  1
ip_tables              32768  0
x_tables               53248  12
xt_conntrack,nft_compat,xt_multiport,xt_state,xt_tcpudp,xt_nat,xt_set,ipt_REJECT,ip_tables,xt_MASQUERADE,xt_TCPMSS,xt_mark
autofs4                53248  2
ext4                  765952  1
crc16                  16384  1 ext4
mbcache                16384  1 ext4
jbd2                  135168  1 ext4
btrfs                1478656  0
xor                    24576  1 btrfs
zstd_decompress        90112  1 btrfs
zstd_compress         188416  1 btrfs
raid6_pq              122880  1 btrfs
crc32c_generic         16384  2
libcrc32c              16384  3 nf_conntrack,nf_nat,btrfs
sd_mod                 57344  3
ahci                   40960  2
libahci                45056  1 ahci
libata                290816  2 libahci,ahci
e1000e                290816  0
ehci_pci               20480  0
uhci_hcd               53248  0
scsi_mod              253952  3 sd_mod,libata,sg
ehci_hcd               98304  1 ehci_pci
i2c_i801               32768  0
usbcore               315392  3 ehci_pci,ehci_hcd,uhci_hcd
ptp                    20480  1 e1000e
lpc_ich                28672  0
mfd_core               20480  1 lpc_ich
pps_core               24576  1 ptp
usb_common             16384  3 usbcore,ehci_hcd,uhci_hcd
video                  53248  1 gma500_gfx

  reply	other threads:[~2020-05-04 12:50 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-05-04  3:55 Wang Jian
2020-05-04  5:26 ` Jason A. Donenfeld
2020-05-04 12:49   ` Wang Jian [this message]
2020-05-04 13:49   ` Alex Xu (Hello71)
2020-05-04 16:51     ` Wang Jian
2020-05-04 10:47 ` Serge Belyshev
2020-05-04 22:55   ` Jason A. Donenfeld
2020-05-04 22:28 ` Jason A. Donenfeld
2020-05-05  6:54   ` Wang Jian
2020-05-05  0:05 ` Jason A. Donenfeld

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAF75rJAh8xA3-=nk+gTpvULMD-xC41ukEatW=JyowaZHfiOzQg@mail.gmail.com' \
    --to=larkwang@gmail.com \
    --cc=Jason@zx2c4.com \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).