* wireguard broke with recent update on fedora 31 @ 2019-12-31 12:03 Barry Scott 2020-01-02 20:11 ` Jason A. Donenfeld 0 siblings, 1 reply; 6+ messages in thread From: Barry Scott @ 2019-12-31 12:03 UTC (permalink / raw) To: WireGuard mailing list I had wireguard working but the recent update of somethng has broken it. I'm happy to help debug, run test code. My server end is fedora 31, which is up to date. kernel-5.3.16-300.fc31.x86_64 wireguard-dkms-0.0.20191226-1.fc31.noarch wireguard-tools-1.0.20191226-1.fc31.x86_64 The server has 2 phys interfaces, external that is connected to the internet (no NAT) and internal that is home network. I uses systemd-networkd for the phys interfaces. wireguard uses a service that runnings these commands to start it up. ip link add wg0 type wireguard wg setconf wg0 /etc/wireguard/wg0.conf ip -4 address add 172.16.4.1/24 dev wg0 ip link set mtu 1420 up dev wg0 (I also tried a smaller MTU, 1280, with no change). I use firewalld configured to allow access through wg0. I have also turned off firewalld to eliminate iptables rules as a source of problem. $ wg interface: wg0 public key: KNwXI8p8zJVed81RI3WhHQuYEUxIe0/PDP77Z2YSKTI= private key: (hidden) listening port: 51820 peer: bXUXQRJ9e2RXuxpSofQPVsvGMb5idhZiiF3lTOs1PRQ= endpoint: 213.205.240.12:43029 allowed ips: (none) latest handshake: 33 seconds ago transfer: 1.02 KiB received, 3.11 KiB sent persistent keepalive: every 30 seconds peer: JGxzN0iT+WIL2rltsWfaKD1IFC/f7b/AxF9peecTDEU= allowed ips: (none) persistent keepalive: every 30 seconds peer: hom+2y5nNr9UnsSeyNJvWS6RkvnbTQOWwd8Zopsuzwo= allowed ips: 0.0.0.0/0 persistent keepalive: every 30 seconds peer bX... is an Android phone running wireguard v0.0.20191220. A tcpdump show 2 ways comms with the phone $ tcpdump -n -i external port 51820 11:35:09.545035 IP 213.205.240.12.43029 > 86.19.118.184.51820: UDP, length 112 11:35:09.792170 IP 86.19.118.184.51820 > 213.205.240.12.43029: UDP, length 32 11:35:14.533234 IP 213.205.240.12.43029 > 86.19.118.184.51820: UDP, length 112 11:35:14.800147 IP 213.205.240.12.43029 > 86.19.118.184.51820: UDP, length 148 11:35:14.802647 IP 86.19.118.184.51820 > 213.205.240.12.43029: UDP, length 92 ... etc... But I see nothing for "tcpdump -i wg0". And these stats: $ ip -s addr show wg0 4: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1280 qdisc noqueue state UNKNOWN group default qlen 1000 link/none inet 172.16.4.1/24 scope global wg0 valid_lft forever preferred_lft forever RX: bytes packets errors dropped overrun mcast 180 2 1 0 0 0 TX: bytes packets errors dropped carrier collsns 92 1 0 3 0 0 Run test from phone here. Turn on wireguard, attempt to browse to http://172.16.4.1. $ ip -s addr show wg0 4: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1280 qdisc noqueue state UNKNOWN group default qlen 1000 link/none inet 172.16.4.1/24 scope global wg0 valid_lft forever preferred_lft forever RX: bytes packets errors dropped overrun mcast 180 2 28 0 0 0 TX: bytes packets errors dropped carrier collsns 188 4 0 3 0 0 The RX errors have increased. dmesg is dull. Barry _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: wireguard broke with recent update on fedora 31 2019-12-31 12:03 wireguard broke with recent update on fedora 31 Barry Scott @ 2020-01-02 20:11 ` Jason A. Donenfeld 2020-01-02 22:58 ` Barry 0 siblings, 1 reply; 6+ messages in thread From: Jason A. Donenfeld @ 2020-01-02 20:11 UTC (permalink / raw) To: Barry Scott, WireGuard mailing list On 12/31/19 1:03 PM, Barry Scott wrote: > I had wireguard working but the recent update of somethng has broken it. Does downgrading fix it? If not, something else is broken. Can you test that first? _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: wireguard broke with recent update on fedora 31 2020-01-02 20:11 ` Jason A. Donenfeld @ 2020-01-02 22:58 ` Barry 2020-01-03 17:24 ` Joe Doss 0 siblings, 1 reply; 6+ messages in thread From: Barry @ 2020-01-02 22:58 UTC (permalink / raw) To: Jason A. Donenfeld; +Cc: WireGuard mailing list > On 2 Jan 2020, at 20:11, Jason A. Donenfeld <Jason@zx2c4.com> wrote: > > On 12/31/19 1:03 PM, Barry Scott wrote: >> I had wireguard working but the recent update of somethng has broken it. > > Does downgrading fix it? If not, something else is broken. Can you test that first? I already tried that. Dnf says the files needed to downgrade are no longer available. I did not double check the files in the copr repo folder to see if they can be curl’ed. I do that check tomorrow. Barry > _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: wireguard broke with recent update on fedora 31 2020-01-02 22:58 ` Barry @ 2020-01-03 17:24 ` Joe Doss 2020-01-03 17:53 ` Joe Doss 0 siblings, 1 reply; 6+ messages in thread From: Joe Doss @ 2020-01-03 17:24 UTC (permalink / raw) To: wireguard [-- Attachment #1: Type: text/plain, Size: 431 bytes --] On 1/2/20 4:58 PM, Barry wrote: > I already tried that. Dnf says the files needed to downgrade are no longer available. > I did not double check the files in the copr repo folder to see if they can be curl’ed. > I do that check tomorrow. The old builds got mucked up when we moved to the new repos. I will push a few of the older versions to copr so you can try downgrading. Joe -- Joe Doss joe@solidadmin.com [-- Attachment #2: pEpkey.asc --] [-- Type: application/pgp-keys, Size: 1783 bytes --] [-- Attachment #3: Type: text/plain, Size: 148 bytes --] _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: wireguard broke with recent update on fedora 31 2020-01-03 17:24 ` Joe Doss @ 2020-01-03 17:53 ` Joe Doss 2020-01-05 21:38 ` Barry Scott 0 siblings, 1 reply; 6+ messages in thread From: Joe Doss @ 2020-01-03 17:53 UTC (permalink / raw) To: wireguard [-- Attachment #1: Type: text/plain, Size: 312 bytes --] Hey Barry, Some older versions are building now: https://copr.fedorainfracloud.org/coprs/jdoss/wireguard/builds/ I have not tested them as I had to make some changes so the old repo sources to build the src RPMs. Let me know if you run into any issues. Joe -- Joe Doss joe@solidadmin.com [-- Attachment #2: pEpkey.asc --] [-- Type: application/pgp-keys, Size: 1783 bytes --] [-- Attachment #3: Type: text/plain, Size: 148 bytes --] _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: wireguard broke with recent update on fedora 31 2020-01-03 17:53 ` Joe Doss @ 2020-01-05 21:38 ` Barry Scott 0 siblings, 0 replies; 6+ messages in thread From: Barry Scott @ 2020-01-05 21:38 UTC (permalink / raw) To: WireGuard mailing list > On 3 Jan 2020, at 17:53, Joe Doss <joe@solidadmin.com> wrote: > > Hey Barry, > > Some older versions are building now: > > https://copr.fedorainfracloud.org/coprs/jdoss/wireguard/builds/ > > I have not tested them as I had to make some changes so the old repo > sources to build the src RPMs. Let me know if you run into any issues. dnf downgrade put me in this state: $ rpm -qa | grep wireguard wireguard-dkms-0.0.20191219-1.fc31.noarch wireguard-tools-1.0.20200102-1.fc31.x86_64 $ uname -r 5.3.12-300.fc31.x86_64 But wireguard is not working. Looking at the dnf history I think this is the point at which it went from working to not working. $ dnf history info 97 | grep -e kernel -e wireguard -e Begin Begin time : Tue 10 Dec 2019 12:49:28 GMT Begin rpmdb : 527:133702206fb808b6a14cfbbd59ce0971e85d1f6c Install kernel-5.3.15-300.fc31.x86_64 @updates Install kernel-core-5.3.15-300.fc31.x86_64 @updates Install kernel-devel-5.3.15-300.fc31.x86_64 @updates Install kernel-modules-5.3.15-300.fc31.x86_64 @updates Upgrade wireguard-dkms-1:0.0.20191206-1.fc31.noarch @jdoss-wireguard Upgraded wireguard-dkms-1:0.0.20191127-1.fc31.noarch @@System Upgrade wireguard-tools-1:0.0.20191206-1.fc31.x86_64 @jdoss-wireguard Upgraded wireguard-tools-1:0.0.20191127-1.fc31.x86_64 @@System Removed kernel-5.3.8-300.fc31.x86_64 @@System Removed kernel-core-5.3.8-300.fc31.x86_64 @@System Removed kernel-devel-5.3.8-300.fc31.x86_64 @@System Removed kernel-modules-5.3.8-300.fc31.x86_64 @@System If that is the change that introduced the break then I need the 2019 11 27 version for the next bisect test. Barry > > Joe > > > > -- > Joe Doss > joe@solidadmin.com > <pEpkey.asc>_______________________________________________ > WireGuard mailing list > WireGuard@lists.zx2c4.com > https://lists.zx2c4.com/mailman/listinfo/wireguard _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-01-09 6:02 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-12-31 12:03 wireguard broke with recent update on fedora 31 Barry Scott 2020-01-02 20:11 ` Jason A. Donenfeld 2020-01-02 22:58 ` Barry 2020-01-03 17:24 ` Joe Doss 2020-01-03 17:53 ` Joe Doss 2020-01-05 21:38 ` Barry Scott
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).