Development discussion of WireGuard
 help / color / mirror / Atom feed
From: Mats Loman <mats.loman@rte.se>
To: "wireguard@lists.zx2c4.com" <wireguard@lists.zx2c4.com>
Subject: Re: Endpoints are not in sync (latest handshake)
Date: Wed, 24 Aug 2022 05:32:51 +0000	[thread overview]
Message-ID: <VE1P189MB09890F6F771E425EC0743C25E5739@VE1P189MB0989.EURP189.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <VE1P189MB0989ABC50A06400CFC34F398E56D9@VE1P189MB0989.EURP189.PROD.OUTLOOK.COM>


> I have two wireguard endpoints that has different opinions about when the last handshake was made:
> 
> interface: wg0
>   public key: PauftxCvmti7CDDZ9yj6EKZ+r9zQj6gjb9hvP1whzwQ=
>   private key: (hidden)
>   listening port: 17395
>
> peer: s5dnr91F06+AQ/3o5urOM5Dc1f0gzHOsGjwD+AEmwDA=
>   endpoint: 192.168.201.24:17395
>   allowed ips: 192.168.26.197/32, 192.168.201.38/32
>   latest handshake: 8 hours, 42 minutes, 30 seconds ago
>   transfer: 260.73 GiB received, 313.35 GiB sent
>
> And:
>
> interface: wg0
>   public key: s5dnr91F06+AQ/3o5urOM5Dc1f0gzHOsGjwD+AEmwDA=
>   private key: (hidden)
>   listening port: 17395
>
> peer: PauftxCvmti7CDDZ9yj6EKZ+r9zQj6gjb9hvP1whzwQ=
>   endpoint: 192.168.201.23:17395
>   allowed ips: 192.168.26.200/32, 192.168.201.249/32
>   latest handshake: 2 minutes, 15 seconds ago
>   transfer: 282.13 GiB received, 276.13 GiB sent
> 
> It is not possible  to send data through the tunnel  in both directions only in one direction.
> 
> It is pretty easy to repeat this situation:
> Send UDP packets through the tunnel at a speed that wireguard cannot keep up with. I expect packet loss in this case but not that the tunnel is "partially closed".
>
> Any ideas?
> 
> Best regards,
> Mats Loman

Adding more information:

One side:

.
.
.
[71254.512872] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71254.512939] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71254.527580] wireguard: wg0: Keypair 1399 destroyed for peer 2
[71254.527642] wireguard: wg0: Keypair 1400 created for peer 2
[71284.585205] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71284.585267] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71284.592697] wireguard: wg0: Keypair 1400 destroyed for peer 2
[71284.592715] wireguard: wg0: Keypair 1401 created for peer 2
[71314.024610] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71314.024671] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71314.032095] wireguard: wg0: Keypair 1401 destroyed for peer 2
[71314.032113] wireguard: wg0: Keypair 1402 created for peer 2
[71344.744295] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71344.744356] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71344.751780] wireguard: wg0: Keypair 1402 destroyed for peer 2
[71344.751799] wireguard: wg0: Keypair 1403 created for peer 2
[71362.663988] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71362.664048] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71362.671474] wireguard: wg0: Keypair 1403 destroyed for peer 2
[71362.671493] wireguard: wg0: Keypair 1404 created for peer 2

The other side:

.
.
.
[71974.055151] wireguard: wg0: Sending handshake initiation to peer 12 (192.168.201.47:17395)
[71974.076684] wireguard: wg0: Receiving handshake response from peer 12 (192.168.201.47:17395)
[71974.076775] wireguard: wg0: Keypair 1427 destroyed for peer 12
[71974.076789] wireguard: wg0: Keypair 1429 created for peer 12
[71974.076815] wireguard: wg0: Sending keepalive packet to peer 12 (192.168.201.47:17395)
[72004.134540] wireguard: wg0: Retrying handshake with peer 12 (192.168.201.47:17395) because we stopped hearing back after 15 seconds
[72004.134650] wireguard: wg0: Sending handshake initiation to peer 12 (192.168.201.47:17395)
[72004.155991] wireguard: wg0: Receiving handshake response from peer 12 (192.168.201.47:17395)
[72004.156080] wireguard: wg0: Keypair 1428 destroyed for peer 12
[72004.156094] wireguard: wg0: Keypair 1430 created for peer 12
[72004.156121] wireguard: wg0: Sending keepalive packet to peer 12 (192.168.201.47:17395)
[72025.894170] wireguard: wg0: Retrying handshake with peer 12 (192.168.201.47:17395) because we stopped hearing back after 15 seconds
[72025.894294] wireguard: wg0: Sending handshake initiation to peer 12 (192.168.201.47:17395)
[72025.915688] wireguard: wg0: Receiving handshake response from peer 12 (192.168.201.47:17395)
[72025.915779] wireguard: wg0: Keypair 1429 destroyed for peer 12
[72025.915794] wireguard: wg0: Keypair 1431 created for peer 12
[72025.915820] wireguard: wg0: Sending keepalive packet to peer 12 (192.168.201.47:17395)
[72041.893912] wireguard: wg0: Retrying handshake with peer 12 (192.168.201.47:17395) because we stopped hearing back after 15 seconds
[72041.894025] wireguard: wg0: Sending handshake initiation to peer 12 (192.168.201.47:17395)
[72041.915460] wireguard: wg0: Receiving handshake response from peer 12 (192.168.201.47:17395)
[72041.915551] wireguard: wg0: Keypair 1430 destroyed for peer 12
[72041.915566] wireguard: wg0: Keypair 1432 created for peer 12
[72041.915591] wireguard: wg0: Sending keepalive packet to peer 12 (192.168.201.47:17395)


/Mats Loman

      reply	other threads:[~2022-08-24  5:32 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-08-18  8:40 Mats Loman
2022-08-24  5:32 ` Mats Loman [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=VE1P189MB09890F6F771E425EC0743C25E5739@VE1P189MB0989.EURP189.PROD.OUTLOOK.COM \
    --to=mats.loman@rte.se \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).