cpunk
July 30th, 2020, 07:44 PM
Wireguard has been working fine on this Kubuntu 20.04 install for a while. Now for some reason when I try to bring up a new interface with wg-quick, it gets no IP address assigned. Is anyone else seeing this when trying to create a new Wireguard interface?
Here's the ifconfig after it's brought up:
wg1: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 3 bytes 156 (156.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 25 bytes 22144 (22.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
There should be an IPv4 address, but there's none.
wg show output:
interface: wg0
public key: <redacted>
private key: (hidden)
listening port: 44429
fwmark: 0xca6c
peer: <redacted>
endpoint: 192.168.11.88:51820
allowed ips: 0.0.0.0/0, ::/0
latest handshake: 26 seconds ago
transfer: 156 B received, 21.62 KiB sent
Here's the config file:
[Interface]
Address = 10.0.0.2/32
PrivateKey = <redacted>
DNS = 8.8.8.8
[Peer]
PublicKey = <redacted>
AllowedIPs = 0.0.0.0/0,::0/0
Endpoint = 192.168.11.88:51820
Right now I'm doing this just to test performance on a router that's acting as wg server. So I have it on a private network. There is some L2 traffic moving since I can see the handshake on the wg server and a few bytes moving.
I had another interface on this PC that was set up earlier, associated with a different endpoint, and it was still functioning fine. I could bring it up with "wg-quick up wg0" and it has the IP assigned and connectivity is working.
Thinking it was just a problem with interface creation I've tried the following:
Create the interface through the connections GUI in system settings. Same behavior. The IP is visible in the output of "nmcli -s c show wg1" and in /etc/NetworkManager/system-connections/wg1.nmconnection. Interestingly, the interface gets a link-local ipv6 address in this config, since ipv6 address mode is required (and disabled is not available in the GUI). Setting it to ignore gives a link-local that does respond to a ping. Still no ipv4.
Create the interface through nmcli. Same as above, the IP is in the stored configuration.
Next I removed all the Wireguard interfaces (including the working one), restarted, and then tried to set up only the previously-working interface wg0, with the same config file that was used previously (a 3 or so of months ago). That interface now has the same problem.
Thinking it could be caused by an update, I reverted the wireguard and wireguard-tools to the 20.04 release versions (apt-get install wireguard=1.0.20200319-1ubuntu1 wireguard-tools=1.0.20200319-1ubuntu1). Then I tried to wg-quick up that previously-working wg0.conf file. Same behavior. I upgraded back to current.
Any ideas about what might be happening? Can anyone else reproduce this?
Thanks for any ideas!
Here's the ifconfig after it's brought up:
wg1: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 3 bytes 156 (156.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 25 bytes 22144 (22.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
There should be an IPv4 address, but there's none.
wg show output:
interface: wg0
public key: <redacted>
private key: (hidden)
listening port: 44429
fwmark: 0xca6c
peer: <redacted>
endpoint: 192.168.11.88:51820
allowed ips: 0.0.0.0/0, ::/0
latest handshake: 26 seconds ago
transfer: 156 B received, 21.62 KiB sent
Here's the config file:
[Interface]
Address = 10.0.0.2/32
PrivateKey = <redacted>
DNS = 8.8.8.8
[Peer]
PublicKey = <redacted>
AllowedIPs = 0.0.0.0/0,::0/0
Endpoint = 192.168.11.88:51820
Right now I'm doing this just to test performance on a router that's acting as wg server. So I have it on a private network. There is some L2 traffic moving since I can see the handshake on the wg server and a few bytes moving.
I had another interface on this PC that was set up earlier, associated with a different endpoint, and it was still functioning fine. I could bring it up with "wg-quick up wg0" and it has the IP assigned and connectivity is working.
Thinking it was just a problem with interface creation I've tried the following:
Create the interface through the connections GUI in system settings. Same behavior. The IP is visible in the output of "nmcli -s c show wg1" and in /etc/NetworkManager/system-connections/wg1.nmconnection. Interestingly, the interface gets a link-local ipv6 address in this config, since ipv6 address mode is required (and disabled is not available in the GUI). Setting it to ignore gives a link-local that does respond to a ping. Still no ipv4.
Create the interface through nmcli. Same as above, the IP is in the stored configuration.
Next I removed all the Wireguard interfaces (including the working one), restarted, and then tried to set up only the previously-working interface wg0, with the same config file that was used previously (a 3 or so of months ago). That interface now has the same problem.
Thinking it could be caused by an update, I reverted the wireguard and wireguard-tools to the 20.04 release versions (apt-get install wireguard=1.0.20200319-1ubuntu1 wireguard-tools=1.0.20200319-1ubuntu1). Then I tried to wg-quick up that previously-working wg0.conf file. Same behavior. I upgraded back to current.
Any ideas about what might be happening? Can anyone else reproduce this?
Thanks for any ideas!