OSPF wireguard fallback

chrono chrono at open-resource.org
Tue May 8 13:50:51 CEST 2018


On 2018-05-03 15:37, chrono wrote:
>>> $ wg-quick up wg0
>>> [#] ip link add wg0 type wireguard
>>> [#] wg setconf wg0 /dev/fd/63
>>> [#] ip address add 172.23.3.2/29 dev wg0
>>> [#] ip link set mtu 1420 dev wg0
>>> [#] ip link set wg0 up
>>> [#] wg set wg0 fwmark 51820
>>> [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
>>> [#] ip -4 rule add not fwmark 51820 table 51820
>>> [#] ip -4 rule add table main suppress_prefixlength 0
>>> Error: argument "suppress_prefixlength" is wrong: Failed to parse rule type
>>> [#] ip -4 rule delete table 51820
>>> [#] ip link delete dev wg0
>>> 
>>> wg0 simply not coming up
>> 
>> Ah, this is because wg-quick tries to also set a kernel route for
>> 0.0.0.0/0 over the interface. That is not what you want here. I think
>> you may have to stop using wg-quick for this setup, and set up the
>> wireguard interface in a different way... You can remove the options
>> that the normal wg binary doesn't understand from the config file (DNS
>> and IP address configuration, mainly), and set it up with that, then
>> configure the IP addresses manually (or with a script). Alternatively,
>> you can use systemd to set up the whole thing...
> 
> Yeah, that was my presumption as well, that wireguard would mess with my
> routes when AllowedIPs is anything else than 172.23.3.x, that's why I had
> it restricted to it as a "fix". I didn't realize it wasn't wg as such,
> but a consequence of wg-quick usage. I'll do my homework how to manually
> set up the interfaces and test again to see if that does the trick.
> Thanks guys, for all your help and inputs! <3

Thanks to all who helped. After dropping wg-quick and setting up wg by
hand the wg interface still comes up as stubnet in BIRD.

network 172.23.1.0/29 metric 5
network 172.23.2.0/29 metric 5
stubnet 172.23.3.0/29 metric 10

However, routing works and BIRD reliably routes traffic through wg0 when
the MPLS multipath links are both down. It seems of no consequence whether
the wg interface is configured in BIRD as pointtopoint or broadcast. See
screenshot.

13:49:36.641952 IP 172.23.3.2 > 224.0.0.5: OSPFv2, Hello, length 64
13:49:41.758654 IP 172.23.3.1 > 224.0.0.5: OSPFv2, Hello, length 64
13:49:46.772493 IP 172.23.3.2 > 224.0.0.5: OSPFv2, Hello, length 64
13:49:50.887503 IP 172.23.3.1 > 224.0.0.5: OSPFv2, Hello, length 64
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot_2018-05-08_09-29-04.png
Type: image/png
Size: 65034 bytes
Desc: not available
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20180508/7e8c98a7/attachment.png>
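
The manual setup suggested in the quoted reply, as an added example that is not part of the original post or of the WireGuard or BIRD projects: it strips the wg-quick-only keys from a config and replays the interface steps from the log above, leaving out the fwmark, the 0.0.0.0/0 route and the policy rules. The key material, DNS and endpoint values are constructed placeholders; the function names and the RUN dry-run variable are hypothetical.

```shell
# Added example: bring wg0 up without wg-quick so that routing stays
# entirely under BIRD's control.

# Constructed sample wg-quick config; keys and endpoint are placeholders.
sample_conf() {
cat <<'EOF'
[Interface]
PrivateKey = CONSTRUCTED_PLACEHOLDER_PRIVATE_KEY
Address = 172.23.3.2/29
MTU = 1420
DNS = 192.0.2.53
ListenPort = 51820

[Peer]
PublicKey = CONSTRUCTED_PLACEHOLDER_PUBLIC_KEY
Endpoint = 192.0.2.1:51820
AllowedIPs = 0.0.0.0/0
EOF
}

# Drop the keys only wg-quick understands (matched case-insensitively);
# what remains is valid input for `wg setconf`.
strip_wgquick_keys() {
    awk '{
        key = tolower($0); sub(/^[ \t]*/, "", key); sub(/[ \t]*=.*/, "", key)
        if (key ~ /^(address|dns|mtu|table|preup|postup|predown|postdown|saveconfig)$/) next
        print
    }'
}

# Read a single-valued wg-quick key (Address, MTU) from a config on stdin.
conf_value() {
    awk -F= -v want="$1" '{
        k = tolower($1); gsub(/[ \t]/, "", k)
        if (k == tolower(want)) { v = $2; gsub(/[ \t]/, "", v); print v; exit }
    }'
}

# Manual bring-up. RUN defaults to echo (dry run); set RUN= and run as
# root to execute. Args: device, wg-quick config, stripped config.
manual_up() {
    dev=$1 conf=$2 stripped=$3
    run=${RUN-echo}
    $run ip link add "$dev" type wireguard
    $run wg setconf "$dev" "$stripped"
    $run ip address add "$(conf_value Address < "$conf")" dev "$dev"
    $run ip link set mtu "$(conf_value MTU < "$conf")" dev "$dev"
    $run ip link set "$dev" up
}
```

With AllowedIPs left at 0.0.0.0/0 the tunnel accepts whatever BIRD decides to send over it, and no kernel route is installed for that prefix because `wg setconf` never touches the routing table.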
