WiFi network flaky/WireGuard connections inconsistent

WiFi network flaky/WireGuard connections inconsistent

[John]

I am experiencing hit-or-miss connectivity through wireguard when connected to a specific, unsecured, public WiFi from iOS devices. Meaning, I first connect to the public WiFi at which point, wireless works fine, websites load, etc. but when I subsequently initiate a wireguard connection, most of the time, the traffic flows stops due to a connectivity issue. If I fiddle with toggling the WG connection off then on several times, it eventually works.

Through searching, some suggestions about lowering the MTU value to improve stability are mentioned. I tried lowering the MTU size on the interface to 1440 and then again to 1280 but neither made a difference. Wondering if more experienced people here have some suggestions.

Here is the log from the iOS client when I attempt to connect:

2022-11-05 15:22:59.205912: [NET] App version: 1.0.15 (26)
2022-11-05 15:22:59.206042: [NET] Starting tunnel from the OS directly, rather than the app
2022-11-05 15:22:59.434059: [NET] DNS64: mapped xxx.xxx.xxx.xxx to itself.
2022-11-05 15:22:59.435425: [NET] Attaching to interface
2022-11-05 15:22:59.436179: [NET] UAPI: Updating private key
2022-11-05 15:22:59.436173: [NET] Routine: handshake worker 3 - started
2022-11-05 15:22:59.436234: [NET] Routine: decryption worker 2 - started
2022-11-05 15:22:59.436244: [NET] Routine: encryption worker 2 - started
2022-11-05 15:22:59.436489: [NET] Routine: decryption worker 3 - started
2022-11-05 15:22:59.436532: [NET] Routine: encryption worker 3 - started
2022-11-05 15:22:59.436605: [NET] Routine: handshake worker 2 - started
2022-11-05 15:22:59.436659: [NET] Routine: decryption worker 5 - started
2022-11-05 15:22:59.436793: [NET] Routine: encryption worker 1 - started
2022-11-05 15:22:59.436856: [NET] Routine: encryption worker 4 - started
2022-11-05 15:22:59.436864: [NET] UAPI: Removing all peers
2022-11-05 15:22:59.436903: [NET] Routine: decryption worker 1 - started
2022-11-05 15:22:59.436924: [NET] Routine: decryption worker 6 - started
2022-11-05 15:22:59.436940: [NET] Routine: handshake worker 6 - started
2022-11-05 15:22:59.436969: [NET] Routine: TUN reader - started
2022-11-05 15:22:59.437424: [NET] Routine: handshake worker 1 - started
2022-11-05 15:22:59.437493: [NET] Routine: decryption worker 4 - started
2022-11-05 15:22:59.437554: [NET] Routine: encryption worker 5 - started
2022-11-05 15:22:59.437553: [NET] peer(fTiT…qSc) - UAPI: Created
2022-11-05 15:22:59.437572: [NET] Routine: handshake worker 4 - started
2022-11-05 15:22:59.437610: [NET] Routine: handshake worker 5 - started
2022-11-05 15:22:59.437654: [NET] Routine: encryption worker 6 - started
2022-11-05 15:22:59.437674: [NET] peer(fTiT…qSc) - UAPI: Updating preshared key
2022-11-05 15:22:59.437755: [NET] Routine: event worker - started
2022-11-05 15:22:59.437901: [NET] peer(fTiT…qSc) - UAPI: Updating endpoint
2022-11-05 15:22:59.438089: [NET] peer(fTiT…qSc) - UAPI: Updating persistent keepalive interval
2022-11-05 15:22:59.438175: [NET] peer(fTiT…qSc) - UAPI: Removing all allowedips
2022-11-05 15:22:59.438303: [NET] peer(fTiT…qSc) - UAPI: Adding allowedip
2022-11-05 15:22:59.438818: [NET] UDP bind has been updated
2022-11-05 15:22:59.438848: [NET] Routine: receive incoming v4 - started
2022-11-05 15:22:59.438881: [NET] Routine: receive incoming v6 - started
2022-11-05 15:22:59.438909: [NET] peer(fTiT…qSc) - Starting
2022-11-05 15:22:59.439099: [NET] Interface state was Down, requested Up, now Up
2022-11-05 15:22:59.439187: [NET] Device started
2022-11-05 15:22:59.439263: [NET] peer(fTiT…qSc) - Routine: sequential receiver - started
2022-11-05 15:22:59.439307: [NET] peer(fTiT…qSc) - Routine: sequential sender - started
2022-11-05 15:22:59.439450: [NET] Tunnel interface is utun3
2022-11-05 15:22:59.440162: [NET] Network change detected with satisfied route and interface order [en0, pdp_ip0]
2022-11-05 15:22:59.440584: [NET] DNS64: mapped xxx.xxx.xxx.xxx to itself.
2022-11-05 15:22:59.440704: [NET] peer(fTiT…qSc) - UAPI: Updating endpoint
2022-11-05 15:22:59.440914: [NET] Routine: receive incoming v4 - stopped
2022-11-05 15:22:59.440962: [NET] Routine: receive incoming v6 - stopped
2022-11-05 15:22:59.441407: [NET] UDP bind has been updated
2022-11-05 15:22:59.441437: [NET] Routine: receive incoming v4 - started
2022-11-05 15:22:59.441469: [NET] Routine: receive incoming v6 - started
2022-11-05 15:22:59.949393: [NET] Network change detected with satisfied route and interface order [en0, utun3, pdp_ip0]
2022-11-05 15:22:59.950074: [NET] DNS64: mapped xxx.xxx.xxx.xxx to itself.
2022-11-05 15:22:59.950390: [NET] peer(fTiT…qSc) - UAPI: Updating endpoint
2022-11-05 15:22:59.950768: [NET] Routine: receive incoming v4 - stopped
2022-11-05 15:22:59.950954: [NET] Routine: receive incoming v6 - stopped
2022-11-05 15:22:59.951485: [NET] UDP bind has been updated
2022-11-05 15:22:59.951505: [NET] Routine: receive incoming v4 - started
2022-11-05 15:22:59.951581: [NET] Routine: receive incoming v6 - started
2022-11-05 15:22:59.969322: [NET] peer(fTiT…qSc) - Sending handshake initiation
2022-11-05 15:23:00.063463: [NET] peer(fTiT…qSc) - Received handshake response
2022-11-05 15:23:15.226385: [NET] peer(fTiT…qSc) - Retrying handshake because we stopped hearing back after 15 seconds
2022-11-05 15:23:15.226767: [NET] peer(fTiT…qSc) - Sending handshake initiation
2022-11-05 15:23:19.863684: [NET] Stopping tunnel
2022-11-05 15:23:19.864322: [NET] Device closing
2022-11-05 15:23:19.864617: [NET] Routine: TUN reader - stopped
2022-11-05 15:23:19.864730: [NET] Routine: event worker - stopped
2022-11-05 15:23:19.864842: [NET] Routine: receive incoming v4 - stopped
2022-11-05 15:23:19.864939: [NET] Routine: receive incoming v6 - stopped
2022-11-05 15:23:19.865193: [NET] peer(fTiT…qSc) - Stopping
2022-11-05 15:23:19.865364: [NET] peer(fTiT…qSc) - Routine: sequential sender - stopped
2022-11-05 15:23:19.865368: [NET] peer(fTiT…qSc) - Routine: sequential receiver - stopped
2022-11-05 15:23:19.865511: [NET] Device closed
2022-11-05 15:23:19.865507: [NET] Routine: decryption worker 2 - stopped
2022-11-05 15:23:19.865557: [NET] Routine: handshake worker 2 - stopped
2022-11-05 15:23:19.865603: [NET] Routine: decryption worker 1 - stopped
2022-11-05 15:23:19.865622: [NET] Routine: handshake worker 4 - stopped
2022-11-05 15:23:19.865627: [NET] Routine: decryption worker 5 - stopped
2022-11-05 15:23:19.865678: [NET] Routine: handshake worker 3 - stopped
2022-11-05 15:23:19.865686: [NET] Routine: decryption worker 3 - stopped
2022-11-05 15:23:19.865748: [NET] Routine: handshake worker 5 - stopped
2022-11-05 15:23:19.865807: [NET] Routine: handshake worker 1 - stopped
2022-11-05 15:23:19.865803: [NET] Routine: decryption worker 4 - stopped
2022-11-05 15:23:19.865814: [NET] Routine: decryption worker 6 - stopped
2022-11-05 15:23:19.865826: [NET] Routine: handshake worker 6 - stopped
2022-11-05 15:23:19.866057: [NET] Routine: encryption worker 5 - stopped
2022-11-05 15:23:19.866072: [NET] Routine: encryption worker 4 - stopped
2022-11-05 15:23:19.866079: [NET] Routine: encryption worker 2 - stopped
2022-11-05 15:23:19.866107: [NET] Routine: encryption worker 3 - stopped
2022-11-05 15:23:19.866135: [NET] Routine: encryption worker 6 - stopped
2022-11-05 15:23:19.866141: [NET] Routine: encryption worker 1 - stopped

Re: WiFi network flaky/WireGuard connections inconsistent

[John]

An update - if I first connect WG while the iPhone is on 5G, and then connect to the WiFi without stopping WG first, it seems to work as expected.  Tested and confirmed several times.  Will continue monitoring.

- Ondemand activation fails
- Connecting to the WiFi first and manually selecting a profile fails
- Only true with this specific WiFi, ondemand activation works everywhere else

------- Original Message -------
On Sunday, January 1st, 2023 at 3:11 PM, John <therealgraysky@proton.me> wrote:


> I am experiencing hit-or-miss connectivity through wireguard when connected to a specific, unsecured, public WiFi from iOS devices. Meaning, I first connect to the public WiFi at which point, wireless works fine, websites load, etc. but when I subsequently initiate a wireguard connection, most of the time, the traffic flows stops due to a connectivity issue. If I fiddle with toggling the WG connection off then on several times, it eventually works.
> 
> Through searching, some suggestions about lowering the MTU value to improve stability are mentioned. I tried lowering the MTU size on the interface to 1440 and then again to 1280 but neither made a difference. Wondering if more experienced people here have some suggestions.
> 
> Here is the log from the iOS client when I attempt to connect:
> 
> 2022-11-05 15:22:59.205912: [NET] App version: 1.0.15 (26)
> 2022-11-05 15:22:59.206042: [NET] Starting tunnel from the OS directly, rather than the app
> 2022-11-05 15:22:59.434059: [NET] DNS64: mapped xxx.xxx.xxx.xxx to itself.
> 2022-11-05 15:22:59.435425: [NET] Attaching to interface
> 2022-11-05 15:22:59.436179: [NET] UAPI: Updating private key
> 2022-11-05 15:22:59.436173: [NET] Routine: handshake worker 3 - started
> 2022-11-05 15:22:59.436234: [NET] Routine: decryption worker 2 - started
> 2022-11-05 15:22:59.436244: [NET] Routine: encryption worker 2 - started
> 2022-11-05 15:22:59.436489: [NET] Routine: decryption worker 3 - started
> 2022-11-05 15:22:59.436532: [NET] Routine: encryption worker 3 - started
> 2022-11-05 15:22:59.436605: [NET] Routine: handshake worker 2 - started
> 2022-11-05 15:22:59.436659: [NET] Routine: decryption worker 5 - started
> 2022-11-05 15:22:59.436793: [NET] Routine: encryption worker 1 - started
> 2022-11-05 15:22:59.436856: [NET] Routine: encryption worker 4 - started
> 2022-11-05 15:22:59.436864: [NET] UAPI: Removing all peers
> 2022-11-05 15:22:59.436903: [NET] Routine: decryption worker 1 - started
> 2022-11-05 15:22:59.436924: [NET] Routine: decryption worker 6 - started
> 2022-11-05 15:22:59.436940: [NET] Routine: handshake worker 6 - started
> 2022-11-05 15:22:59.436969: [NET] Routine: TUN reader - started
> 2022-11-05 15:22:59.437424: [NET] Routine: handshake worker 1 - started
> 2022-11-05 15:22:59.437493: [NET] Routine: decryption worker 4 - started
> 2022-11-05 15:22:59.437554: [NET] Routine: encryption worker 5 - started
> 2022-11-05 15:22:59.437553: [NET] peer(fTiT…qSc) - UAPI: Created
> 2022-11-05 15:22:59.437572: [NET] Routine: handshake worker 4 - started
> 2022-11-05 15:22:59.437610: [NET] Routine: handshake worker 5 - started
> 2022-11-05 15:22:59.437654: [NET] Routine: encryption worker 6 - started
> 2022-11-05 15:22:59.437674: [NET] peer(fTiT…qSc) - UAPI: Updating preshared key
> 2022-11-05 15:22:59.437755: [NET] Routine: event worker - started
> 2022-11-05 15:22:59.437901: [NET] peer(fTiT…qSc) - UAPI: Updating endpoint
> 2022-11-05 15:22:59.438089: [NET] peer(fTiT…qSc) - UAPI: Updating persistent keepalive interval
> 2022-11-05 15:22:59.438175: [NET] peer(fTiT…qSc) - UAPI: Removing all allowedips
> 2022-11-05 15:22:59.438303: [NET] peer(fTiT…qSc) - UAPI: Adding allowedip
> 2022-11-05 15:22:59.438818: [NET] UDP bind has been updated
> 2022-11-05 15:22:59.438848: [NET] Routine: receive incoming v4 - started
> 2022-11-05 15:22:59.438881: [NET] Routine: receive incoming v6 - started
> 2022-11-05 15:22:59.438909: [NET] peer(fTiT…qSc) - Starting
> 2022-11-05 15:22:59.439099: [NET] Interface state was Down, requested Up, now Up
> 2022-11-05 15:22:59.439187: [NET] Device started
> 2022-11-05 15:22:59.439263: [NET] peer(fTiT…qSc) - Routine: sequential receiver - started
> 2022-11-05 15:22:59.439307: [NET] peer(fTiT…qSc) - Routine: sequential sender - started
> 2022-11-05 15:22:59.439450: [NET] Tunnel interface is utun3
> 2022-11-05 15:22:59.440162: [NET] Network change detected with satisfied route and interface order [en0, pdp_ip0]
> 2022-11-05 15:22:59.440584: [NET] DNS64: mapped xxx.xxx.xxx.xxx to itself.
> 2022-11-05 15:22:59.440704: [NET] peer(fTiT…qSc) - UAPI: Updating endpoint
> 2022-11-05 15:22:59.440914: [NET] Routine: receive incoming v4 - stopped
> 2022-11-05 15:22:59.440962: [NET] Routine: receive incoming v6 - stopped
> 2022-11-05 15:22:59.441407: [NET] UDP bind has been updated
> 2022-11-05 15:22:59.441437: [NET] Routine: receive incoming v4 - started
> 2022-11-05 15:22:59.441469: [NET] Routine: receive incoming v6 - started
> 2022-11-05 15:22:59.949393: [NET] Network change detected with satisfied route and interface order [en0, utun3, pdp_ip0]
> 2022-11-05 15:22:59.950074: [NET] DNS64: mapped xxx.xxx.xxx.xxx to itself.
> 2022-11-05 15:22:59.950390: [NET] peer(fTiT…qSc) - UAPI: Updating endpoint
> 2022-11-05 15:22:59.950768: [NET] Routine: receive incoming v4 - stopped
> 2022-11-05 15:22:59.950954: [NET] Routine: receive incoming v6 - stopped
> 2022-11-05 15:22:59.951485: [NET] UDP bind has been updated
> 2022-11-05 15:22:59.951505: [NET] Routine: receive incoming v4 - started
> 2022-11-05 15:22:59.951581: [NET] Routine: receive incoming v6 - started
> 2022-11-05 15:22:59.969322: [NET] peer(fTiT…qSc) - Sending handshake initiation
> 2022-11-05 15:23:00.063463: [NET] peer(fTiT…qSc) - Received handshake response
> 2022-11-05 15:23:15.226385: [NET] peer(fTiT…qSc) - Retrying handshake because we stopped hearing back after 15 seconds
> 2022-11-05 15:23:15.226767: [NET] peer(fTiT…qSc) - Sending handshake initiation
> 2022-11-05 15:23:19.863684: [NET] Stopping tunnel
> 2022-11-05 15:23:19.864322: [NET] Device closing
> 2022-11-05 15:23:19.864617: [NET] Routine: TUN reader - stopped
> 2022-11-05 15:23:19.864730: [NET] Routine: event worker - stopped
> 2022-11-05 15:23:19.864842: [NET] Routine: receive incoming v4 - stopped
> 2022-11-05 15:23:19.864939: [NET] Routine: receive incoming v6 - stopped
> 2022-11-05 15:23:19.865193: [NET] peer(fTiT…qSc) - Stopping
> 2022-11-05 15:23:19.865364: [NET] peer(fTiT…qSc) - Routine: sequential sender - stopped
> 2022-11-05 15:23:19.865368: [NET] peer(fTiT…qSc) - Routine: sequential receiver - stopped
> 2022-11-05 15:23:19.865511: [NET] Device closed
> 2022-11-05 15:23:19.865507: [NET] Routine: decryption worker 2 - stopped
> 2022-11-05 15:23:19.865557: [NET] Routine: handshake worker 2 - stopped
> 2022-11-05 15:23:19.865603: [NET] Routine: decryption worker 1 - stopped
> 2022-11-05 15:23:19.865622: [NET] Routine: handshake worker 4 - stopped
> 2022-11-05 15:23:19.865627: [NET] Routine: decryption worker 5 - stopped
> 2022-11-05 15:23:19.865678: [NET] Routine: handshake worker 3 - stopped
> 2022-11-05 15:23:19.865686: [NET] Routine: decryption worker 3 - stopped
> 2022-11-05 15:23:19.865748: [NET] Routine: handshake worker 5 - stopped
> 2022-11-05 15:23:19.865807: [NET] Routine: handshake worker 1 - stopped
> 2022-11-05 15:23:19.865803: [NET] Routine: decryption worker 4 - stopped
> 2022-11-05 15:23:19.865814: [NET] Routine: decryption worker 6 - stopped
> 2022-11-05 15:23:19.865826: [NET] Routine: handshake worker 6 - stopped
> 2022-11-05 15:23:19.866057: [NET] Routine: encryption worker 5 - stopped
> 2022-11-05 15:23:19.866072: [NET] Routine: encryption worker 4 - stopped
> 2022-11-05 15:23:19.866079: [NET] Routine: encryption worker 2 - stopped
> 2022-11-05 15:23:19.866107: [NET] Routine: encryption worker 3 - stopped
> 2022-11-05 15:23:19.866135: [NET] Routine: encryption worker 6 - stopped
> 2022-11-05 15:23:19.866141: [NET] Routine: encryption worker 1 - stopped