WireGuard Archive on lore.kernel.org
 help / color / Atom feed
* Should wg-quick with SaveConfig accumulate IPv6 link-local addresses
@ 2018-07-10 22:20 Eddie
  2018-07-14 18:02 ` jugs
  0 siblings, 1 reply; 8+ messages in thread
From: Eddie @ 2018-07-10 22:20 UTC (permalink / raw)
  To: WireGuard mailing list

Not sure if this is intended behaviour, or not.

Every time I start an interface using wg-quick with the SaveConfig = 
true it reloads all the previous, saved, IPv6 link-local addresses plus 
generates a new one.  So the first time the interface is started there 
is 1 link-local address.  The next time, 2.  Then 3. Then 4, etc. etc.

Cheers.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Should wg-quick with SaveConfig accumulate IPv6 link-local addresses
  2018-07-10 22:20 Should wg-quick with SaveConfig accumulate IPv6 link-local addresses Eddie
@ 2018-07-14 18:02 ` jugs
  2018-07-19  0:31   ` Eddie
  0 siblings, 1 reply; 8+ messages in thread
From: jugs @ 2018-07-14 18:02 UTC (permalink / raw)
  To: stunnel; +Cc: WireGuard mailing list

I don't get an IPv6 link local address address on my wg interface. Do you u=
se network manager?


=E2=80=8B-jugs=E2=80=8B

=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 Original Me=
ssage =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90

On July 10, 2018 10:20 PM, Eddie <stunnel@attglobal.net> wrote:

> =E2=80=8B=E2=80=8B
>=20
> Not sure if this is intended behaviour, or not.
>=20
> Every time I start an interface using wg-quick with the SaveConfig =3D
>=20
> true it reloads all the previous, saved, IPv6 link-local addresses plus
>=20
> generates a new one.=C2=A0 So the first time the interface is started the=
re
>=20
> is 1 link-local address.=C2=A0 The next time, 2.=C2=A0 Then 3. Then 4, et=
c. etc.
>=20
> Cheers.
>=20
> WireGuard mailing list
>=20
> WireGuard@lists.zx2c4.com
>=20
> https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Should wg-quick with SaveConfig accumulate IPv6 link-local addresses
  2018-07-14 18:02 ` jugs
@ 2018-07-19  0:31   ` Eddie
  2018-12-08 13:32     ` Xand
  0 siblings, 1 reply; 8+ messages in thread
From: Eddie @ 2018-07-19  0:31 UTC (permalink / raw)
  To: WireGuard mailing list

Yeah, Network Manager is installed.

And I'm guessing that it's a different address each time, because the 
(fake) MAC address is random.

Cheers.


On 7/14/2018 11:02 AM, jugs wrote:
> I don't get an IPv6 link local address address on my wg interface. Do you use network manager?
>
>
> ​-jugs​
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
>
> On July 10, 2018 10:20 PM, Eddie <stunnel@attglobal.net> wrote:
>
>> ​​
>>
>> Not sure if this is intended behaviour, or not.
>>
>> Every time I start an interface using wg-quick with the SaveConfig =
>>
>> true it reloads all the previous, saved, IPv6 link-local addresses plus
>>
>> generates a new one.  So the first time the interface is started there
>>
>> is 1 link-local address.  The next time, 2.  Then 3. Then 4, etc. etc.
>>
>> Cheers.
>>
>> WireGuard mailing list
>>
>> WireGuard@lists.zx2c4.com
>>
>> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>
>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Should wg-quick with SaveConfig accumulate IPv6 link-local addresses
  2018-07-19  0:31   ` Eddie
@ 2018-12-08 13:32     ` Xand
  2018-12-10  1:15       ` Jason A. Donenfeld
  0 siblings, 1 reply; 8+ messages in thread
From: Xand @ 2018-12-08 13:32 UTC (permalink / raw)
  To: wireguard

[-- Attachment #1.1.1: Type: text/plain, Size: 648 bytes --]

I'm running Wireguard on a number of Debian 9 and CentOS 7.6 VMs. On the
CentOS VMs I experience the same issue as
https://lists.zx2c4.com/pipermail/wireguard/2018-July/003134.html. I'm
using wireguard-dkms and wireguard-tools from
https://copr-be.cloud.fedoraproject.org/results/jdoss/wireguard/ and
using the wg-quick service.

I do *not* have NetworkManager installed.

Each time wg0 comes up, a different IPv6 link-local address is added to
it. With SaveConfig set to true, these accumulate indefinitely.

Using identical configuration on the Debian 9 VMs, I don't ever get any
link-local addresses assigned to wg0.

Xand




[-- Attachment #1.2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Should wg-quick with SaveConfig accumulate IPv6 link-local addresses
  2018-12-08 13:32     ` Xand
@ 2018-12-10  1:15       ` Jason A. Donenfeld
  2018-12-10  2:04         ` Samuel Holland
  0 siblings, 1 reply; 8+ messages in thread
From: Jason A. Donenfeld @ 2018-12-10  1:15 UTC (permalink / raw)
  To: xand; +Cc: WireGuard mailing list

This is mostly just a CentOS issue. On older kernels, we don't
successfully disable LLv6:
https://git.zx2c4.com/WireGuard/tree/src/compat/compat.h#n583

There's probably a way to backport that tweak to before 3.17, but I
haven't spent time on it. Feel free to send a patch, and if it's clean
and fits entirely into compat.h, I'll gladly apply it.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Should wg-quick with SaveConfig accumulate IPv6 link-local addresses
  2018-12-10  1:15       ` Jason A. Donenfeld
@ 2018-12-10  2:04         ` Samuel Holland
  2018-12-10  2:05           ` Jason A. Donenfeld
  0 siblings, 1 reply; 8+ messages in thread
From: Samuel Holland @ 2018-12-10  2:04 UTC (permalink / raw)
  To: Jason A. Donenfeld, xand; +Cc: WireGuard mailing list

On 12/09/18 19:15, Jason A. Donenfeld wrote:
> This is mostly just a CentOS issue. On older kernels, we don't
> successfully disable LLv6:
> https://git.zx2c4.com/WireGuard/tree/src/compat/compat.h#n583
> 
> There's probably a way to backport that tweak to before 3.17, but I
> haven't spent time on it. Feel free to send a patch, and if it's clean
> and fits entirely into compat.h, I'll gladly apply it.

You can also work around this in wg-quick by changing up_if() to

  cmd ip link set "$INTERFACE" up addrgenmode none
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Should wg-quick with SaveConfig accumulate IPv6 link-local addresses
  2018-12-10  2:04         ` Samuel Holland
@ 2018-12-10  2:05           ` Jason A. Donenfeld
  2018-12-10  2:13             ` Samuel Holland
  0 siblings, 1 reply; 8+ messages in thread
From: Jason A. Donenfeld @ 2018-12-10  2:05 UTC (permalink / raw)
  To: Samuel Holland; +Cc: WireGuard mailing list

On Mon, Dec 10, 2018 at 3:04 AM Samuel Holland <samuel@sholland.org> wrote:
>
> On 12/09/18 19:15, Jason A. Donenfeld wrote:
> > This is mostly just a CentOS issue. On older kernels, we don't
> > successfully disable LLv6:
> > https://git.zx2c4.com/WireGuard/tree/src/compat/compat.h#n583
> >
> > There's probably a way to backport that tweak to before 3.17, but I
> > haven't spent time on it. Feel free to send a patch, and if it's clean
> > and fits entirely into compat.h, I'll gladly apply it.
>
> You can also work around this in wg-quick by changing up_if() to
>
>   cmd ip link set "$INTERFACE" up addrgenmode none

Does that work in kernels < 3.17?
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Should wg-quick with SaveConfig accumulate IPv6 link-local addresses
  2018-12-10  2:05           ` Jason A. Donenfeld
@ 2018-12-10  2:13             ` Samuel Holland
  0 siblings, 0 replies; 8+ messages in thread
From: Samuel Holland @ 2018-12-10  2:13 UTC (permalink / raw)
  To: Jason A. Donenfeld; +Cc: WireGuard mailing list

On 12/09/18 20:05, Jason A. Donenfeld wrote:
> On Mon, Dec 10, 2018 at 3:04 AM Samuel Holland <samuel@sholland.org> wrote:
>>
>> On 12/09/18 19:15, Jason A. Donenfeld wrote:
>>> This is mostly just a CentOS issue. On older kernels, we don't
>>> successfully disable LLv6:
>>> https://git.zx2c4.com/WireGuard/tree/src/compat/compat.h#n583
>>>
>>> There's probably a way to backport that tweak to before 3.17, but I
>>> haven't spent time on it. Feel free to send a patch, and if it's clean
>>> and fits entirely into compat.h, I'll gladly apply it.
>>
>> You can also work around this in wg-quick by changing up_if() to
>>
>>   cmd ip link set "$INTERFACE" up addrgenmode none
> 
> Does that work in kernels < 3.17?
> 

Oh, sorry, no it doesn't :( While it uses a totally different way of accessing
the device (so I thought it might still work), it's just another way of setting
addr_gen_mode.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, back to index

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-07-10 22:20 Should wg-quick with SaveConfig accumulate IPv6 link-local addresses Eddie
2018-07-14 18:02 ` jugs
2018-07-19  0:31   ` Eddie
2018-12-08 13:32     ` Xand
2018-12-10  1:15       ` Jason A. Donenfeld
2018-12-10  2:04         ` Samuel Holland
2018-12-10  2:05           ` Jason A. Donenfeld
2018-12-10  2:13             ` Samuel Holland

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/ public-inbox