Jump to content

wireguard wg-quick up wg0 seems to work but no Rx traffic on wg0 - NanoPi Neo - Armbian 22.02 Focal


Acea Quigg

Recommended Posts

Armbianmonitor:

Hi all,

 

The plot thickens. This is only an issue when eth0 is given an IPv6 address by my home router. If i disable IPv6 at home my problem goes away.

 

I am having some issues getting wireguard to play the game. I have a fresh Armbian Focal 22.02 install on a NanoPi Neo. The problem is that the wirguard interface comes up, then traffic doesn't flow., not even to the other side of the wireguard link (10.66.0.1). tcpdmping on the other side of the connection shows no packets at all coming into the far ends 51820. Stopping wireguard on both sides and using netcat via UDP and TCP I can see the traffic I expect. I can also use my Android mobile phone and make a connection to the wireguard server without issues.

 

I have tried the latest and previous stable Armbian, as well as swapping out kernels from 5.10 to 5.25,  all with the same results. I also got my colleague to test on the previous stable with his nanoPi,  same issue.

 

All I have done is scp'd the wg0.conf file into /etc/wireguard/ and executed wg-quick up wg0 and got the following (full commands and output):

user@MacBook-Pro » ssh root@192.168.68.73
root@192.168.68.73's password:
 _   _ ____  _   _   _
| \ | |  _ \(_) | \ | | ___  ___
|  \| | |_) | | |  \| |/ _ \/ _ \
| |\  |  __/| | | |\  |  __/ (_) |
|_| \_|_|   |_| |_| \_|\___|\___/

Welcome to Armbian 22.02.1 Focal with Linux 5.15.25-sunxi

System load:   13%           	Up time:       3 min
Memory usage:  16% of 491M   	IP:	       192.168.68.73
CPU temp:      30°C           	Usage of /:    7% of 15G

[ General system configuration (beta): armbian-config ]

Last login: Mon Mar 21 14:40:55 2022 from 192.168.68.50
nanopineo:~:# cp wg0.conf /etc/wireguard
nanopineo:~:# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.66.0.9/24 dev wg0
[#] ip -6 address add 2001:470:ecd6:1::9/64 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a tun.wg0 -m 0 -x
/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf
[#] wg set wg0 fwmark 51820
[#] ip -6 route add ::/0 dev wg0 table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n
nanopineo:~:# ifconfig wg0
wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP>  mtu 1420
        inet 10.66.0.9  netmask 255.255.255.0  destination 10.66.0.9
        inet6 2001:470:ecd6:1::9  prefixlen 64  scopeid 0x0<global>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 1000  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 592 (592.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

nanopineo:~:# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.68.1    0.0.0.0         UG    100    0        0 eth0
10.66.0.0       0.0.0.0         255.255.255.0   U     0      0        0 wg0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
192.168.68.0    0.0.0.0         255.255.252.0   U     100    0        0 eth0

nanopineo:~:# ping 10.66.0.1
PING 10.66.0.1 (10.66.0.1) 56(84) bytes of data.
^C
--- 10.66.0.1 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3066ms

nanopineo:~:# ping4 google.com
^C

nanopineo:~:# wg-quick down wg0
[#] ip -4 rule delete table 51820
[#] ip -4 rule delete table main suppress_prefixlength 0
[#] ip -6 rule delete table 51820
[#] ip -6 rule delete table main suppress_prefixlength 0
[#] ip link delete dev wg0
[#] resolvconf -d tun.wg0 -f
/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf
[#] iptables-restore -n
[#] ip6tables-restore -n
  
nanopineo:~:# ping4 google.com
PING google.com (142.250.204.14) 56(84) bytes of data.
64 bytes from syd09s25-in-f14.1e100.net (142.250.204.14): icmp_seq=1 ttl=116 time=7.62 ms
64 bytes from syd09s25-in-f14.1e100.net (142.250.204.14): icmp_seq=2 ttl=116 time=9.78 ms

nanopineo:~:# cat /var/log/syslog
...
Mar 21 03:41:44 nanopineo systemd-timedated[2290]: Changed time zone to 'Australia/Sydney' (AEDT).
Mar 21 03:42:14 nanopineo systemd[1]: systemd-timedated.service: Succeeded.
Mar 21 03:42:26 nanopineo systemd[1]: session-6.scope: Succeeded.
Mar 21 03:42:31 nanopineo systemd[1]: Started Session 7 of user root.
Mar 21 03:44:17 nanopineo kernel: [  337.632265] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information.
Mar 21 03:44:17 nanopineo kernel: [  337.632294] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
Mar 21 03:44:17 nanopineo systemd-udevd[2574]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
Mar 21 03:44:17 nanopineo NetworkManager[1080]: <info>  [1647834257.8299] manager: (wg0): new WireGuard device (/org/freedesktop/NetworkManager/Devices/3)
Mar 21 03:44:17 nanopineo systemd-udevd[2574]: Using default interface naming scheme 'v245'.
Mar 21 03:44:17 nanopineo NetworkManager[1080]: <info>  [1647834257.9749] device (wg0): state change: unmanaged -> unavailable (reason 'connection-assumed', sys-iface-state: 'external')
Mar 21 03:44:18 nanopineo NetworkManager[1080]: <info>  [1647834258.0065] device (wg0): state change: unavailable -> disconnected (reason 'connection-assumed', sys-iface-state: 'external')
Mar 21 03:44:18 nanopineo NetworkManager[1080]: <info>  [1647834258.0144] device (wg0): Activation: starting connection 'wg0' (ed66279d-19f0-4cbc-9d07-89296e0a2c24)
Mar 21 03:44:18 nanopineo NetworkManager[1080]: <info>  [1647834258.0169] device (wg0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'external')
Mar 21 03:44:18 nanopineo NetworkManager[1080]: <info>  [1647834258.0201] device (wg0): state change: prepare -> config (reason 'none', sys-iface-state: 'external')
Mar 21 03:44:18 nanopineo NetworkManager[1080]: <info>  [1647834258.0232] device (wg0): state change: config -> ip-config (reason 'none', sys-iface-state: 'external')
Mar 21 03:44:18 nanopineo NetworkManager[1080]: <info>  [1647834258.0258] device (wg0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'external')
Mar 21 03:44:18 nanopineo dbus-daemon[1076]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.4' (uid=0 pid=1080 comm="/usr/sbin/NetworkManager --no-daemon ")
Mar 21 03:44:18 nanopineo systemd[1]: Starting Network Manager Script Dispatcher Service...
Mar 21 03:44:18 nanopineo dbus-daemon[1076]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Mar 21 03:44:18 nanopineo systemd[1]: Started Network Manager Script Dispatcher Service.
Mar 21 03:44:18 nanopineo NetworkManager[1080]: <info>  [1647834258.1114] device (wg0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'external')
Mar 21 03:44:18 nanopineo NetworkManager[1080]: <info>  [1647834258.1136] device (wg0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'external')
Mar 21 03:44:18 nanopineo NetworkManager[1080]: <info>  [1647834258.1293] device (wg0): Activation: successful, device activated.
Mar 21 03:44:29 nanopineo systemd[1]: NetworkManager-dispatcher.service: Succeeded.
Mar 21 03:45:01 nanopineo CRON[2776]: (root) CMD (/usr/lib/armbian/armbian-truncate-logs)
Mar 21 03:45:01 nanopineo CRON[2775]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
Mar 21 03:50:16 nanopineo NetworkManager[1080]: <info>  [1647834616.2707] device (wg0): state change: activated -> unmanaged (reason 'unmanaged', sys-iface-state: 'removed')
Mar 21 03:50:16 nanopineo dbus-daemon[1076]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.4' (uid=0 pid=1080 comm="/usr/sbin/NetworkManager --no-daemon ")
Mar 21 03:50:16 nanopineo systemd[1]: Starting Network Manager Script Dispatcher Service...
Mar 21 03:50:16 nanopineo dbus-daemon[1076]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Mar 21 03:50:16 nanopineo systemd[1]: Started Network Manager Script Dispatcher Service.
Mar 21 03:50:27 nanopineo systemd[1]: NetworkManager-dispatcher.service: Succeeded.
Mar 21 03:53:46 nanopineo systemd[1]: Starting Cleanup of Temporary Directories...
Mar 21 03:53:46 nanopineo systemd[1]: systemd-tmpfiles-clean.service: Succeeded.
Mar 21 03:53:46 nanopineo systemd[1]: Finished Cleanup of Temporary Directories.
Mar 21 03:55:01 nanopineo CRON[3319]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
Mar 21 04:00:01 nanopineo CRON[3324]: (root) CMD (/usr/lib/armbian/armbian-truncate-logs)
Mar 21 04:05:01 nanopineo CRON[3342]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
Mar 21 04:06:25 nanopineo NetworkManager[1080]: <info>  [1647835585.8543] manager: (wg0): new WireGuard device (/org/freedesktop/NetworkManager/Devices/4)
Mar 21 04:06:25 nanopineo systemd-udevd[3368]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
Mar 21 04:06:25 nanopineo systemd-udevd[3368]: Using default interface naming scheme 'v245'.
Mar 21 04:06:25 nanopineo NetworkManager[1080]: <info>  [1647835585.9975] device (wg0): state change: unmanaged -> unavailable (reason 'connection-assumed', sys-iface-state: 'external')
Mar 21 04:06:26 nanopineo NetworkManager[1080]: <info>  [1647835586.0293] device (wg0): state change: unavailable -> disconnected (reason 'connection-assumed', sys-iface-state: 'external')
Mar 21 04:06:26 nanopineo NetworkManager[1080]: <info>  [1647835586.0368] device (wg0): Activation: starting connection 'wg0' (b20e83e0-c24c-4669-ac93-0808e7fbe64a)
Mar 21 04:06:26 nanopineo NetworkManager[1080]: <info>  [1647835586.0398] device (wg0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'external')
Mar 21 04:06:26 nanopineo NetworkManager[1080]: <info>  [1647835586.0443] device (wg0): state change: prepare -> config (reason 'none', sys-iface-state: 'external')
Mar 21 04:06:26 nanopineo NetworkManager[1080]: <info>  [1647835586.0470] device (wg0): state change: config -> ip-config (reason 'none', sys-iface-state: 'external')
Mar 21 04:06:26 nanopineo NetworkManager[1080]: <info>  [1647835586.0492] device (wg0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'external')
Mar 21 04:06:26 nanopineo dbus-daemon[1076]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.4' (uid=0 pid=1080 comm="/usr/sbin/NetworkManager --no-daemon ")
Mar 21 04:06:26 nanopineo systemd[1]: Starting Network Manager Script Dispatcher Service...
Mar 21 04:06:26 nanopineo dbus-daemon[1076]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Mar 21 04:06:26 nanopineo systemd[1]: Started Network Manager Script Dispatcher Service.
Mar 21 04:06:26 nanopineo NetworkManager[1080]: <info>  [1647835586.1380] device (wg0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'external')
Mar 21 04:06:26 nanopineo NetworkManager[1080]: <info>  [1647835586.1407] device (wg0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'external')
Mar 21 04:06:26 nanopineo NetworkManager[1080]: <info>  [1647835586.1531] device (wg0): Activation: successful, device activated.
Mar 21 04:06:37 nanopineo systemd[1]: NetworkManager-dispatcher.service: Succeeded.
Mar 21 04:06:55 nanopineo NetworkManager[1080]: <info>  [1647835615.3405] device (wg0): state change: activated -> unmanaged (reason 'unmanaged', sys-iface-state: 'removed')
Mar 21 04:06:55 nanopineo dbus-daemon[1076]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.4' (uid=0 pid=1080 comm="/usr/sbin/NetworkManager --no-daemon ")

 

Edited by Acea Quigg
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines