From: John Huttley <john@mib-infotech.co.nz>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: [WireGuard] Debugging AllowedIps
Date: Mon, 14 Nov 2016 15:28:10 +1300 [thread overview]
Message-ID: <215ed362-725f-a236-d236-bc31bf508005@mib-infotech.co.nz> (raw)
In-Reply-To: <CAHmME9o8zt+5uq=yuw1jsZZhMRcwLasPjpk=O5tpjcp_+55HNQ@mail.gmail.com>
Thanks Jason,
I'm using gentoo x64. debug USE is enabled
==============
emerge -p -v wireguard
These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild R *] net-misc/wireguard-9999::gentoo USE="debug -kmod-src"
0 KiB
==============
there is nothing much in /var/log/messages
2016-11-14T15:04:26+13:00 Listen normally on 14 wg0 192.168.94.254:123
Which is when I set up wg.
================
Nothing but the module startup in /var/log/dmesg
wireguard: routing table self-tests: pass
[ 7.628264] wireguard: nonce counter self-tests: pass
[ 7.629233] wireguard: curve25519 self-tests: pass
[ 7.629241] wireguard: chacha20poly1305 self-tests: pass
[ 7.629761] wireguard: blake2s self-tests: pass
[ 7.629766] wireguard: siphash24 self-tests: pass
[ 7.629778] wireguard: WireGuard loaded. See www.wireguard.io for
information.
[ 7.629778] wireguard: (C) Copyright 2015-2016 Jason A. Donenfeld
<Jason@zx2c4.com>. All Rights Reserved
===================
I start the server like this
#/bin/bash
ip link add dev wg0 type wireguard
ip address add dev wg0 192.168.94.254/24
wg setconf wg0 /root/wg.conf
ip link set up dev wg0
========
wg.conf is
[Interface]
PrivateKey = XXXX
Listenport = 6678
[Peer]
Publickey=8+7eyTWCQZ7Eqw8tDv6KMTiwaK+WXhRVhal6sANJnmc=
AllowedIps = 0.0.0.0/0
#[Peer]
# Publickey=vaw7Z2fZnKLlYwyPUUqvCZbdJN7S78C57nYpQfqZRg8=
# AllowedIps= 0.0.0.0/0
The commented out peer has its wg0 set to 192.168.94.12/24 and other ips
on other interfaces in the 10.128.0.0/16 network.
However AllowedIps = 192.168.94.0/24, 10.128.0.0/16 doesn't work,
(confirmed with "wg showconf wg0" that it loaded)
0.0.0.0/0 does work
I would have thought to see some debug messages, but there is nothing.
The server has been rebooted after updating wireguard.
RFE: when the module loads and prints its test at startup, please print
its version and compile flags as well.
Regards,
John
next prev parent reply other threads:[~2016-11-14 2:25 UTC|newest]
Thread overview: 78+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-11 19:29 Source address fib invalidation on IPv6 Jason A. Donenfeld
2016-11-11 19:29 ` [WireGuard] " Jason A. Donenfeld
2016-11-11 19:29 ` Jason A. Donenfeld
2016-11-11 22:14 ` David Ahern
2016-11-11 22:14 ` [WireGuard] " David Ahern
2016-11-11 22:14 ` David Ahern
2016-11-12 2:18 ` Jason A. Donenfeld
2016-11-12 2:18 ` [WireGuard] " Jason A. Donenfeld
2016-11-12 2:18 ` Jason A. Donenfeld
2016-11-12 15:40 ` Jason A. Donenfeld
2016-11-12 15:40 ` [WireGuard] " Jason A. Donenfeld
2016-11-12 15:40 ` Jason A. Donenfeld
2016-11-12 18:14 ` David Ahern
2016-11-12 18:14 ` [WireGuard] " David Ahern
2016-11-12 18:14 ` David Ahern
2016-11-12 19:08 ` Jason A. Donenfeld
2016-11-12 19:08 ` [WireGuard] " Jason A. Donenfeld
2016-11-12 19:08 ` Jason A. Donenfeld
2016-11-13 0:43 ` Jason A. Donenfeld
2016-11-13 0:43 ` [WireGuard] " Jason A. Donenfeld
2016-11-13 0:51 ` Hannes Frederic Sowa
2016-11-13 0:51 ` [WireGuard] " Hannes Frederic Sowa
2016-11-13 0:51 ` Hannes Frederic Sowa
2016-11-13 1:00 ` Jason A. Donenfeld
2016-11-13 1:00 ` [WireGuard] " Jason A. Donenfeld
2016-11-13 1:00 ` Jason A. Donenfeld
2016-11-13 13:23 ` [PATCH] ip6_output: ensure flow saddr actually belongs to device Jason A. Donenfeld
2016-11-13 13:23 ` [WireGuard] " Jason A. Donenfeld
2016-11-13 13:23 ` Jason A. Donenfeld
2016-11-13 16:30 ` David Ahern
2016-11-13 16:30 ` [WireGuard] " David Ahern
2016-11-13 19:02 ` [PATCH v2] " Jason A. Donenfeld
2016-11-13 19:02 ` [WireGuard] " Jason A. Donenfeld
2016-11-13 19:02 ` Jason A. Donenfeld
2016-11-13 20:45 ` David Ahern
2016-11-13 20:45 ` [WireGuard] " David Ahern
2016-11-13 23:28 ` [PATCH v3] " Jason A. Donenfeld
2016-11-13 23:28 ` [WireGuard] " Jason A. Donenfeld
2016-11-13 23:28 ` Jason A. Donenfeld
2016-11-14 1:36 ` [WireGuard] Debugging AllowedIps John Huttley
2016-11-14 1:39 ` Jason A. Donenfeld
2016-11-14 2:28 ` John Huttley [this message]
2016-11-14 2:59 ` Jason A. Donenfeld
2016-11-14 3:10 ` John Huttley
2016-11-14 16:19 ` [PATCH v3] ip6_output: ensure flow saddr actually belongs to device David Ahern
2016-11-14 16:19 ` [WireGuard] " David Ahern
[not found] ` <CAHmME9p6-mLSs84AwwfRXe8U3Z2sy6Dp9W9H0gKh0rcZuQAfZA@mail.gmail.com>
[not found] ` <CAHmME9qC4xqGOwJnauXrJBDkAtmmuJ+kJKL6ufuU9_XWKNFdSA@mail.gmail.com>
2016-11-14 16:54 ` Jason A. Donenfeld
2016-11-14 16:54 ` [WireGuard] " Jason A. Donenfeld
2016-11-14 16:44 ` Hannes Frederic Sowa
2016-11-14 16:44 ` [WireGuard] " Hannes Frederic Sowa
2016-11-14 16:55 ` David Ahern
2016-11-14 16:55 ` [WireGuard] " David Ahern
2016-11-14 17:04 ` Hannes Frederic Sowa
2016-11-14 17:04 ` [WireGuard] " Hannes Frederic Sowa
2016-11-14 17:17 ` David Ahern
2016-11-14 17:17 ` [WireGuard] " David Ahern
2016-11-14 17:33 ` Hannes Frederic Sowa
2016-11-14 17:33 ` [WireGuard] " Hannes Frederic Sowa
2016-11-14 17:48 ` David Ahern
2016-11-14 17:48 ` [WireGuard] " David Ahern
2016-11-14 18:33 ` Hannes Frederic Sowa
2016-11-14 18:33 ` [WireGuard] " Hannes Frederic Sowa
2016-11-15 0:45 ` Jason A. Donenfeld
2016-11-15 0:45 ` [WireGuard] " Jason A. Donenfeld
2016-11-15 0:45 ` Jason A. Donenfeld
2016-11-15 14:45 ` Hannes Frederic Sowa
2016-11-15 14:45 ` [WireGuard] " Hannes Frederic Sowa
2016-11-15 15:26 ` David Ahern
2016-11-15 15:26 ` [WireGuard] " David Ahern
2016-11-15 15:26 ` David Ahern
2016-11-13 20:19 ` [PATCH] " Jason A. Donenfeld
2016-11-13 20:19 ` [WireGuard] " Jason A. Donenfeld
2016-11-13 20:39 ` David Ahern
2016-11-13 20:39 ` [WireGuard] " David Ahern
2016-11-13 20:39 ` David Ahern
2016-11-13 0:51 ` Source address fib invalidation on IPv6 Jason A. Donenfeld
2016-11-13 0:51 ` [WireGuard] " Jason A. Donenfeld
2016-11-13 0:51 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=215ed362-725f-a236-d236-bc31bf508005@mib-infotech.co.nz \
--to=john@mib-infotech.co.nz \
--cc=Jason@zx2c4.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.