WireGuard Archive on lore.kernel.org
 help / Atom feed
* issue with certain apps + wireguard
@ 2019-01-03 19:02 Arpit Gupta
  2019-01-08  8:01 ` Kalin KOZHUHAROV
  0 siblings, 1 reply; 2+ messages in thread
From: Arpit Gupta @ 2019-01-03 19:02 UTC (permalink / raw)
  To: wireguard

[-- Attachment #1.1: Type: text/plain, Size: 1389 bytes --]

Hi All

A new user here. Recently setup wireguard to run on my pi 3 + pi hole. I am
noticing some interesting behavior with certain apps.

When using Google Duo on my android phone it would not work if wireguard
was configured in split tunnel mode. When i enabled all traffic via
wireguard it worked fine.

Downloading app updates my phone when on wireguard would not work
regardless if it was split tunnel or all traffic was being routed via
wireguard. Interestingly installing an app did not have any issue.

Another issue i noticed is when i try to open lets say a pdf attachment in
my browser from gmail it gets stuck in downloading state. I then turn off
wireguard and then it works fine.

All of this is when i am at home so network is not an issue. I have
confirmed pi hole is not causing issues as when i disable wireguard
applications are working fine and still using pi hole dns.

I am noob in the matters of VPN, security, network etc so i wanted to see
if people had thoughts on how i can debug this further to determine if this
is an issue with the wireguard app on my phone vs the peer running on my pi
and if there are certain types of apps i should add to my exclude list.
Right now i have added google duo and play store to it.

On my pi3 i am running wireguard 0.0.20181218-1 and on my pixel 3xl i am
running 0.0.20181218 and go backend of 0.0.20181018.

Thanks
--
Arpit

[-- Attachment #1.2: Type: text/html, Size: 1736 bytes --]

<div dir="ltr"><div dir="ltr"><div>Hi All</div><div><br></div><div>A new user here. Recently setup wireguard to run on my pi 3 + pi hole. I am noticing some interesting behavior with certain apps.</div><div><br></div><div>When using Google Duo on my android phone it would not work if wireguard was configured in split tunnel mode. When i enabled all traffic via wireguard it worked fine.</div><div><br></div><div>Downloading app updates my phone when on wireguard would not work regardless if it was split tunnel or all traffic was being routed via wireguard. Interestingly installing an app did not have any issue.</div><div><br></div><div>Another issue i noticed is when i try to open lets say a pdf attachment in my browser from gmail it gets stuck in downloading state. I then turn off wireguard and then it works fine.</div><div><br></div><div>All of this is when i am at home so network is not an issue. I have confirmed pi hole is not causing issues as when i disable wireguard applications are working fine and still using pi hole dns.</div><div><br></div><div>I am noob in the matters of VPN, security, network etc so i wanted to see if people had thoughts on how i can debug this further to determine if this is an issue with the wireguard app on my phone vs the peer running on my pi and if there are certain types of apps i should add to my exclude list. Right now i have added google duo and play store to it.</div><div><br></div><div>On my pi3 i am running wireguard 0.0.20181218-1 and on my pixel 3xl i am running 0.0.20181218 and go backend of 0.0.20181018.</div><div><br></div><div>Thanks<br></div><div><div><div dir="ltr" class="gmail_signature"><div dir="ltr"><div>--</div>Arpit</div></div></div></div></div></div>

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: issue with certain apps + wireguard
  2019-01-03 19:02 issue with certain apps + wireguard Arpit Gupta
@ 2019-01-08  8:01 ` Kalin KOZHUHAROV
  0 siblings, 0 replies; 2+ messages in thread
From: Kalin KOZHUHAROV @ 2019-01-08  8:01 UTC (permalink / raw)
  To: Arpit Gupta; +Cc: WireGuard mailing list

On Tue, Jan 8, 2019 at 3:22 AM Arpit Gupta <g.arpit@gmail.com> wrote:
> A new user here. Recently setup wireguard to run on my pi 3 + pi hole. I am noticing some interesting behavior with certain apps.
>
Apps running where? Name your hosts (fakename if you prefer) for clarity.

> When using Google Duo on my android phone it would not work if wireguard was configured in split tunnel mode. When i enabled all traffic via wireguard it worked fine.
>
"android phone"? How does it connect to where?

> Downloading app updates my phone when on wireguard would not work regardless if it was split tunnel or all traffic was being routed via wireguard. Interestingly installing an app did not have any issue.
>
Is there wireguard tunnel starting from "phone" (end ending where?), or no?

> Another issue i noticed is when i try to open lets say a pdf attachment in my browser from gmail it gets stuck in downloading state. I then turn off wireguard and then it works fine.

> I am noob in the matters of VPN, security, network etc so i wanted to see if people had thoughts on how i can debug this further to determine if this is an issue with the wireguard app on my phone vs the peer running on my pi and if there are certain types of apps i should add to my exclude list. Right now i have added google duo and play store to it.
>
For a start, get one or two levels below "Google store", "app" and so
on. Test with simple tools, possibly platform agnostic (ping,
wget/curl).
In IP networks, data travels in packets, apps talk via sockets and
send those packets. Packet flow can be observed via Wireshark
(tcpdump, thsark) and can be recorded in a packet capture (pcap file).
Linux networking is flexible enough to allow non-working
configurations (or working not in the way one thinks);
examining/sharing (running) configurations is a key point (`ip addr;
ip route; wg; cat /etc/resolv.conf; ping -c3 8.8.8.8` commands run as
root might help).

> I have confirmed pi hole is not causing issues as when i disable wireguard applications are working fine and still using pi hole dns.
>
Since you have "working" and "non-working" state (i.e. when you
"enable wireguard"), compare (diff) the two and try to understand what
changes (execute the commands and record their output in a text file
before and after:
<reboot>
bash -c "ip addr; ip route; wg; cat /etc/resolv.conf; ping -c3
8.8.8.8" >test.good 2>&1
<enable wireguard>
bash -c "ip addr; ip route; wg; cat /etc/resolv.conf; ping -c3
8.8.8.8" >test.bad 2>&1

Then compare test.{good,bad} with a diff utility (diff, sdiff,
gvimdiff, etc.). When you have more than one host involved, do that
for each host before/after.

Cheers,
Kalin.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-03 19:02 issue with certain apps + wireguard Arpit Gupta
2019-01-08  8:01 ` Kalin KOZHUHAROV

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/ public-inbox