From: Daniel <tech@tootai.net>
To: wireguard@lists.zx2c4.com
Subject: Re: [Warning: DMARC Fail Email] Re: ipv6 connexion fail - ipv4 OK
Date: Mon, 30 Aug 2021 12:24:01 +0200 [thread overview]
Message-ID: <7437f3e0-26ba-5e33-a175-0cf233635b3f@tootai.net> (raw)
In-Reply-To: <20210828024454.1766744f@natsu>
Hi
Le 27/08/2021 à 23:44, Roman Mamedov a écrit :
> On Sat, 28 Aug 2021 07:05:45 +0930
> Mike O'Connor <mike@pineview.net> wrote:
>
>> On a 1500 link I'm having to use 1280 to get ipv6 to successfully go
>> over a wireguard link.
> Then it is not a true 1500 MTU link, something in-between drops packets at a
> lower bar. Or maybe not all of them, but just UDP, for example.
>
> But yeah, 1280 is worth trying as well, maybe Daniel has a similar issue.
>
> As for me I am using MTU 1412 WG over IPv6 on a 1492 MTU underlying link just
> fine.
After lot of few testings, I think the problem is elsewhere. Setup of
the server:
. eth0 with one public ipv4 IP and ipv6 /64
. 2 tunnels (one gre, one sit), each of them having one ipv4 and one
ipv6 /64. They take care on trafic from/to our /48 ipv6 range
. 2 tun openvpn interfaces for customers with ipv6 address from our /48
range
. wireguard interface with ipv6 address from our /48 range
Using tcpdump -i any I see the trafic coming to the gre interface and
that's all. But netstat show
udp6 0 0 :::12345 :::*
0 125391 -
and ps aux output is
dh@peech:~$ ps ax|grep wg
6969 ? I< 0:00 [wg-crypt-wig4to]
7026 ? I 0:00 [kworker/1:2-wg-kex-wig4tootai]
Question: is wireguard really listening on all ipv6 addresses ? If not,
how is the address choosen ?
[...]
Thanks for your help
--
Daniel
next prev parent reply other threads:[~2021-08-30 10:24 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-25 15:25 ipv6 connexion fail - ipv4 OK Daniel
2021-08-26 11:14 ` Daniel
2021-08-27 16:14 ` Roman Mamedov
2021-08-27 17:16 ` Daniel
2021-08-27 21:35 ` [Warning: DMARC Fail Email] " Mike O'Connor
2021-08-27 21:44 ` Roman Mamedov
2021-08-27 21:54 ` Mike O'Connor
2021-08-30 10:24 ` Daniel [this message]
2021-08-30 12:55 ` Skyler Mäntysaari
2021-08-30 16:43 ` Roman Mamedov
2021-08-30 17:28 ` Daniel
2021-08-30 17:38 ` Roman Mamedov
2021-08-30 17:44 ` Daniel
2021-08-30 17:59 ` Roman Mamedov
2021-08-31 17:50 ` Daniel
2021-09-01 17:44 ` Daniel
2021-09-03 13:59 ` ipv6 connexion fail - ipv4 OK (SOLVED) Daniel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7437f3e0-26ba-5e33-a175-0cf233635b3f@tootai.net \
--to=tech@tootai.net \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.