Development discussion of WireGuard
 help / color / mirror / Atom feed
From: Tim Sedlmeyer <tim@sedlmeyer.org>
To: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: Cannot ping peer 1 from peer 2
Date: Thu, 15 Mar 2018 22:24:00 -0400	[thread overview]
Message-ID: <CAK_h9uGv7ajAU4QpLTwJEmL2k_G7+GH73nPU4Dw8rKpoVm_qfw@mail.gmail.com> (raw)
In-Reply-To: <CAPGejTe5nKoZfQbyZYfpz5GmiC+UAvkmnuTehKvXjzLxUeHbaw@mail.gmail.com>

The ip address for the wg0 interface on peer 2 is set to 10.100.1.2/32
so peer2 has no route to reach 10.100.1.1. You either need to set a
route to 10.100.1.1 on peer 2 or change the address on peer 2 so the
subnet it is in includes 10.100.1.1. For example 10.100.1.2/24.

On Thu, Mar 15, 2018 at 10:07 PM, Vikas <kedia.vikas@gmail.com> wrote:
> Here is the config on peer 1 (Vmware VM running ubuntu 16.04):
> =================================================
>
> vk@ubuntu /g/r/c/w/server> ifconfig ens33
> ens33     Link encap:Ethernet  HWaddr 00:0c:29:c8:6c:d5
>           inet addr:10.0.1.77  Bcast:10.0.1.255  Mask:255.255.255.0
>           inet6 addr: fe80::5b06:24b6:c9e4:954e/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:327949 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:87146 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:351155285 (351.1 MB)  TX bytes:12179516 (12.1 MB)
>
>
> vk@ubuntu /g/r/c/w/server> more etc-wireguard-wg0.conf
> [Interface]
> Address = 10.100.1.1/24
> ListenPort = 51820
> PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A
> POSTROUTING -o ens33 -j MASQUERADE
> PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D
> POSTROUTING -o ens33 -j MASQUERADE
> PrivateKey = CPQLRq40QGY3+8yn2LlYb1x3zU/3/Ki+A4QjVYgbakY=
> SaveConfig = true
>
> [Peer]
> PublicKey = uL8bs5596DJO7BMnrIVG5btvr4LTzlbx1ovwHe59NBc=
> AllowedIPs = 10.100.1.2/32
>
>
> vk@ubuntu /g/r/c/w/server> ifconfig wg0
> wg0       Link encap:UNSPEC  HWaddr
> 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>           inet addr:10.100.1.1  P-t-P:10.100.1.1  Mask:255.255.255.0
>           UP POINTOPOINT RUNNING NOARP  MTU:1420  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:459 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
>
>
>
> Here is the config on peer 2  (Vmware VM running ubuntu 18.04):
> ==================================================
>
> root@ubuntu /g/r/c/w/client# ifconfig ens33
> ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>         inet 10.0.1.71  netmask 255.255.255.0  broadcast 10.0.1.255
>         inet6 fe80::c4d7:35d6:306b:fc91  prefixlen 64  scopeid 0x20<link>
>         ether 00:0c:29:b6:bb:18  txqueuelen 1000  (Ethernet)
>         RX packets 532611  bytes 765847699 (765.8 MB)
>         RX errors 0  dropped 0  overruns 0  frame 0
>         TX packets 71767  bytes 5458394 (5.4 MB)
>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>
>
> root@ubuntu /g/r/c/w/client# more etc-wireguard-wg0.conf
> [Interface]
> Address = 10.100.1.2
> PrivateKey = AMZXJ1vBx6OOnZlbnYHuShTBAPuOzwCgweG73BS/4WY=
>
> [Peer]
> PublicKey = KNuvytvYu9NktxybaOHsCF11q96IGfc+dT/Dv8L6KB0=
> AllowedIPs = 0.0.0.0/0
> Endpoint = 10.0.1.77:51280
>
>
> root@ubuntu /g/r/c/w/client# ifconfig wg0
> wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP>  mtu 1420
>         inet 10.100.1.2  netmask 255.255.255.255  destination 10.100.1.2
>         unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
> txqueuelen 1000  (UNSPEC)
>         RX packets 0  bytes 0 (0.0 B)
>         RX errors 0  dropped 0  overruns 0  frame 0
>         TX packets 10  bytes 1480 (1.4 KB)
>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>
>
> root@ubuntu /g/r/c/w/client# ping 10.0.1.77
> PING 10.0.1.77 (10.0.1.77) 56(84) bytes of data.
> 64 bytes from 10.0.1.77: icmp_seq=1 ttl=64 time=0.464 ms
> 64 bytes from 10.0.1.77: icmp_seq=2 ttl=64 time=0.715 ms
>
>
> root@ubuntu /g/r/c/w/client# ping 10.100.1.1
> PING 10.100.1.1 (10.100.1.1) 56(84) bytes of data.
> ^C
> --- 10.100.1.1 ping statistics ---
> 3 packets transmitted, 0 received, 100% packet loss, time 2033ms
>
>
> What am I doing wrong?
>
> --
> VK
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard

  reply	other threads:[~2018-03-16  2:13 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-03-16  2:07 Vikas
2018-03-16  2:24 ` Tim Sedlmeyer [this message]
2018-03-16  3:02 ` Vikas
2018-04-14  1:59   ` Jason A. Donenfeld

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAK_h9uGv7ajAU4QpLTwJEmL2k_G7+GH73nPU4Dw8rKpoVm_qfw@mail.gmail.com \
    --to=tim@sedlmeyer.org \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).