WireGuard Archive on lore.kernel.org
 help / Atom feed
* Syntax for iperf3 to use over pair wireguard interfaces on a LAN?
@ 2018-12-18 19:49 John
  2018-12-18 21:48 ` Kalin KOZHUHAROV
  0 siblings, 1 reply; 4+ messages in thread
From: John @ 2018-12-18 19:49 UTC (permalink / raw)
  To: wireguard

I want to get iperf3 to benchmark a simple wireguard setup on my LAN.
I have two machines, foo is 192.168.1.228 and bar is 192.168.1.112.

These IP addresses are fully functional on their respective eth0
interfaces.  Each one also has a wg0 interface configured as shown
below.  I can get iperf3 to work over the non-wireguard interfaces,
but not over the wireguard interfaces.  What am using iperf3 wrong?
Did I misconfigure wg?

Details:
Here are the /etc/wireguard/wg0.conf files for both machines (I don't
care if the public/private keys are present/this is only a test
environment and it will allow others to simply copy/paste if they want
to test as well):

On foo:
####
[Interface]
Address = 10.0.9.15/24
SaveConfig = true
ListenPort = 500
PrivateKey = kLac+M+JJJ+gpsKo1DeUyfuwfDwGeKMj81+M3Z3mUkw=

[Peer]
PublicKey = y6DrsFVIgqBMc8joSuEytCpQEywk5dPKRoeLZZC9H34=
AllowedIPs = 10.0.9.16/32
####

On bar:
####
[Interface]
Address = 10.0.9.16/24
SaveConfig = true
ListenPort = 500
FwMark = 0xca6c
PrivateKey = 4EwMqSyvLaHrv5JvAAyKnmdbw9UN4rsjydkPXb5ll28=

[Peer]
PublicKey = SkBs9t96znOr+d60tgPlXkp7z6YABvfxD9KNVzZIP3I=
AllowedIPs = 0.0.0.0/0
Endpoint = 192.168.1.228:500
####

Again, both wireguard interfaces are up and connected.  For example, on foo:

# wg
interface: wg0
  public key: SkBs9t96znOr+d60tgPlXkp7z6YABvfxD9KNVzZIP3I=
  private key: (hidden)
  listening port: 500

peer: y6DrsFVIgqBMc8joSuEytCpQEywk5dPKRoeLZZC9H34=
  endpoint: 192.168.1.112:500
  allowed ips: 10.0.9.16/32
  latest handshake: 10 minutes, 41 seconds ago
  transfer: 32.45 KiB received, 8.24 KiB sent

If I run iperf3 in server mode on foo and in client mode on bar, it
works as expected using the non-wireguard interfaces:

On foo:
% iperf3 -s -B 192.168.1.228
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------
Accepted connection from 192.168.1.112, port 58575
[  5] local 192.168.1.228 port 5201 connected to 192.168.1.112 port 46261
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-1.00   sec   107 MBytes   900 Mbits/sec
[  5]   1.00-2.00   sec   112 MBytes   939 Mbits/sec
[  5]   2.00-3.00   sec   112 MBytes   940 Mbits/sec
[  5]   3.00-4.00   sec   112 MBytes   938 Mbits/sec
[  5]   4.00-5.00   sec   112 MBytes   940 Mbits/sec
[  5]   4.00-5.00   sec   112 MBytes   940 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-5.00   sec   596 MBytes  1.00 Gbits/sec                  receiver
iperf3: the client has terminated

On bar:
% iperf3 -c 192.168.1.228 -B 192.168.1.112
Connecting to host 192.168.1.228, port 5201
[  5] local 192.168.1.112 port 46261 connected to 192.168.1.228 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec   113 MBytes   950 Mbits/sec    0    281 KBytes
[  5]   1.00-2.00   sec   112 MBytes   939 Mbits/sec    0    296 KBytes
[  5]   2.00-3.00   sec   112 MBytes   938 Mbits/sec    0    296 KBytes
[  5]   3.00-4.00   sec   112 MBytes   938 Mbits/sec    0    296 KBytes
[  5]   4.00-5.00   sec   112 MBytes   944 Mbits/sec    0    308 KBytes
^C[  5]   5.00-5.33   sec  36.7 MBytes   939 Mbits/sec    0    308 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-5.33   sec   598 MBytes   942 Mbits/sec    0             sender
[  5]   0.00-5.33   sec  0.00 Bytes  0.00 bits/sec                  receiver
iperf3: interrupt - the client has terminated

When I try using the IP addresses of the respective wireguard
interfaces, I get nothing:

On foo:
% iperf3 -s -B 10.0.9.15
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------

On bar:
% iperf3 -c 10.0.9.15 -B 10.0.9.16
iperf3: error - unable to connect to server: Connection timed outa
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Syntax for iperf3 to use over pair wireguard interfaces on a LAN?
  2018-12-18 19:49 Syntax for iperf3 to use over pair wireguard interfaces on a LAN? John
@ 2018-12-18 21:48 ` Kalin KOZHUHAROV
  2018-12-18 22:42   ` John
  2018-12-18 22:45   ` John
  0 siblings, 2 replies; 4+ messages in thread
From: Kalin KOZHUHAROV @ 2018-12-18 21:48 UTC (permalink / raw)
  To: John; +Cc: WireGuard mailing list

[-- Attachment #1.1: Type: text/plain, Size: 282 bytes --]

On Tue, 18 Dec 2018, 20:50 John <graysky@archlinux.us wrote:

> On bar:
> % iperf3 -c 10.0.9.15 -B 10.0.9.16
> iperf3: error - unable to connect to server: Connection timed outa

iperf -c 10.0.9.15

Also for the server, omit ipaddr, it listens to all interfaces by default.

Kalin.

[-- Attachment #1.2: Type: text/html, Size: 674 bytes --]

<div dir="auto"><div><br><br><div class="gmail_quote"><div dir="ltr">On Tue, 18 Dec 2018, 20:50 John &lt;<a href="mailto:graysky@archlinux.us">graysky@archlinux.us</a> wrote:</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On bar:<br>
% iperf3 -c 10.0.9.15 -B 10.0.9.16<br>
iperf3: error - unable to connect to server: Connection timed outa</blockquote></div></div><div dir="auto">iperf -c 10.0.9.15</div><div dir="auto"><br></div><div dir="auto">Also for the server, omit ipaddr, it listens to all interfaces by default.</div><div dir="auto"><br></div><div dir="auto">Kalin.</div><div dir="auto"></div></div>

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Syntax for iperf3 to use over pair wireguard interfaces on a LAN?
  2018-12-18 21:48 ` Kalin KOZHUHAROV
@ 2018-12-18 22:42   ` John
  2018-12-18 22:45   ` John
  1 sibling, 0 replies; 4+ messages in thread
From: John @ 2018-12-18 22:42 UTC (permalink / raw)
  To: Kalin KOZHUHAROV; +Cc: WireGuard mailing list

On Tue, Dec 18, 2018 at 4:49 PM Kalin KOZHUHAROV <me.kalin@gmail.com> wrote:
> On Tue, 18 Dec 2018, 20:50 John <graysky@archlinux.us wrote:
>>
>> On bar:
>> % iperf3 -c 10.0.9.15 -B 10.0.9.16
>> iperf3: error - unable to connect to server: Connection timed outa
>
> iperf -c 10.0.9.15
>
> Also for the server, omit ipaddr, it listens to all interfaces by default.
>

I tried that but nothing:
On foo:
% iperf3 -s
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------

On bar:
% iperf3 -c 10.0.9.15
iperf3: error - unable to connect to server: Connection timed out
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Syntax for iperf3 to use over pair wireguard interfaces on a LAN?
  2018-12-18 21:48 ` Kalin KOZHUHAROV
  2018-12-18 22:42   ` John
@ 2018-12-18 22:45   ` John
  1 sibling, 0 replies; 4+ messages in thread
From: John @ 2018-12-18 22:45 UTC (permalink / raw)
  To: Kalin KOZHUHAROV; +Cc: WireGuard mailing list

My mistake... I opened 500/udp for both sides... a quick fix was to
allow all from 10.0.9.0/24 and it works. Thank you for the reply.

On foo:
% iperf3 -s
                                     :(
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------
Accepted connection from 10.0.9.16, port 54812
[  5] local 10.0.9.15 port 5201 connected to 10.0.9.16 port 54814
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-1.00   sec   102 MBytes   854 Mbits/sec
[  5]   1.00-2.00   sec  98.1 MBytes   823 Mbits/sec
[  5]   2.00-3.00   sec   107 MBytes   901 Mbits/sec
[  5]   3.00-4.00   sec   107 MBytes   894 Mbits/sec
[  5]   4.00-5.00   sec   104 MBytes   870 Mbits/sec
[  5]   5.00-6.00   sec   101 MBytes   848 Mbits/sec
[  5]   6.00-7.00   sec   107 MBytes   899 Mbits/sec
[  5]   7.00-8.00   sec   107 MBytes   901 Mbits/sec
[  5]   8.00-9.00   sec   107 MBytes   901 Mbits/sec
[  5]   9.00-10.00  sec  98.1 MBytes   823 Mbits/sec
[  5]  10.00-10.04  sec  4.50 MBytes   901 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-10.04  sec  1.02 GBytes   872 Mbits/sec                  receiver

On bar:
% iperf3 -c 10.0.9.15
Connecting to host 10.0.9.15, port 5201
[  5] local 10.0.9.16 port 54814 connected to 10.0.9.15 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec   107 MBytes   898 Mbits/sec    0    361 KBytes
[  5]   1.00-2.00   sec  98.0 MBytes   822 Mbits/sec    0    361 KBytes
[  5]   2.00-3.00   sec   107 MBytes   901 Mbits/sec    0    361 KBytes
[  5]   3.00-4.00   sec   107 MBytes   898 Mbits/sec    0    442 KBytes
[  5]   4.00-5.00   sec   100 MBytes   840 Mbits/sec    0    465 KBytes
[  5]   5.00-6.00   sec   105 MBytes   880 Mbits/sec    0    488 KBytes
[  5]   6.00-7.00   sec   107 MBytes   897 Mbits/sec    0    513 KBytes
[  5]   7.00-8.00   sec   107 MBytes   900 Mbits/sec    0    513 KBytes
[  5]   8.00-9.00   sec   107 MBytes   901 Mbits/sec    0    513 KBytes
[  5]   9.00-10.00  sec  98.2 MBytes   823 Mbits/sec    0    513 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  1.02 GBytes   876 Mbits/sec    0             sender
[  5]   0.00-10.04  sec  1.02 GBytes   872 Mbits/sec                  receiver

iperf Done.

On Tue, Dec 18, 2018 at 4:49 PM Kalin KOZHUHAROV <me.kalin@gmail.com> wrote:
>
>
>
> On Tue, 18 Dec 2018, 20:50 John <graysky@archlinux.us wrote:
>>
>> On bar:
>> % iperf3 -c 10.0.9.15 -B 10.0.9.16
>> iperf3: error - unable to connect to server: Connection timed outa
>
> iperf -c 10.0.9.15
>
> Also for the server, omit ipaddr, it listens to all interfaces by default.
>
> Kalin.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-12-18 19:49 Syntax for iperf3 to use over pair wireguard interfaces on a LAN? John
2018-12-18 21:48 ` Kalin KOZHUHAROV
2018-12-18 22:42   ` John
2018-12-18 22:45   ` John

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/ public-inbox