From owner-freebsd-questions@freebsd.org Thu Jul 22 18:51:50 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C404266401B for ; Thu, 22 Jul 2021 18:51:50 +0000 (UTC) (envelope-from polyakov@liltechdude.xyz) Received: from mail.liltechdude.xyz (liltechdude.xyz [136.244.109.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4GW1lB0j7Sz4mtQ for ; Thu, 22 Jul 2021 18:51:49 +0000 (UTC) (envelope-from polyakov@liltechdude.xyz) Received: from localhost (unknown [194.247.25.225]) by mail.liltechdude.xyz (Postfix) with ESMTPSA id 401DE2F4B7D for ; Thu, 22 Jul 2021 18:51:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=liltechdude.xyz; s=mail; t=1626979908; bh=ALCJWBE0aSbWRRpLeqqZNKn77H2PyjOtCqV8v6Y+tuU=; h=From:To:Subject:Date:From; b=SSSdlWVTr6lClJxFHvbljWKdyCi/IO1ZOpRqkxtJ/VkYfmWHsayj5XIyJKQvUsSGv 01lH1hfuzBPsDRfZ/ncUjuQjxsMOPMFF8rMbIAAODBdnPOTnecUMgtUeEN4wmOaUvF sxgpV5wjS0PfnTfscN1AcyPidj6NmKAC+qv0R2tI771g8wO0Jt4jjFAQczUkykKVHE l7N29Pfe00ZSs+y58DuV4dejUb7YAvsBP0vIntq0NE2xZHTgSiogTihPmSu16tOYcZ xI9bbM0CG6/dYCaTqHqtC5dRWwSgV3Nb91DdRr8ln6i1QI8fP4PTNQph/NDcwHJ4Bc YTHKBXlZ0nwEw== User-agent: mu4e 1.4.15; emacs 28.0.50 From: Dmitry Polyakov To: freebsd-questions@freebsd.org Subject: Wireguard_kmod strange behaviour with config from Linux Date: Thu, 22 Jul 2021 23:51:28 +0500 Message-ID: <877dhimbbj.fsf@liltechdude.xyz> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Rspamd-Queue-Id: 4GW1lB0j7Sz4mtQ X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=liltechdude.xyz header.s=mail header.b=SSSdlWVT; dmarc=pass (policy=none) header.from=liltechdude.xyz; spf=pass (mx1.freebsd.org: domain of polyakov@liltechdude.xyz designates 136.244.109.117 as permitted sender) smtp.mailfrom=polyakov@liltechdude.xyz X-Spamd-Result: default: False [-5.98 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[liltechdude.xyz:+]; DMARC_POLICY_ALLOW(-0.50)[liltechdude.xyz,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; SIGNED_PGP(-2.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[194.247.25.225:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[136.244.109.117:from]; MID_RHS_MATCH_FROM(0.00)[]; ASN(0.00)[asn:20473, ipnet:136.244.96.0/20, country:US]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[liltechdude.xyz:s=mail]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.88)[-0.877]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[136.244.109.117:from:127.0.2.255]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jul 2021 18:51:50 -0000 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello! Some time's ago I decided to move all what I want from server from Ubuntu to FreeBSD. All passed normally but not VPN. When I tried to simply copy wireguard server config and change Endpoint value in client config to server IP, I get that I could only connect to the server (on the server I could connect to anywhere as always). I think this is DNS trouble or something, because `ping freebsd.org` initially wait for some time and after constantly return network error. FreeBSD 13, wireguard-kmod 0.0.20210606_1. I setup wireguard simply by copypast config and run "service wireguard start". Client is GNU/Linux (network-manager). All followed configs works perfectly on linux server. Sorry for my bad english. =2D- server config -- [Interface] Address =3D 10.66.66.1/24,fd42:42:42::1/64 ListenPort =3D 62346 PrivateKey =3D (private key) [Peer] PublicKey =3D (public key) PresharedKey =3D (psk key) AllowedIPs =3D 10.66.66.2/32,fd42:42:42::2/128 =2D- client config -- [Interface] PrivateKey =3D (private key) Address =3D 10.66.66.2/32,fd42:42:42::2/128 DNS =3D 94.140.14.14,94.140.15.15 [Peer] PublicKey =3D (public key) PresharedKey =3D (psk key) Endpoint =3D (endpoint):62346 AllowedIPs =3D 0.0.0.0/0,::/0 =2D- =E9=AD=94=E6=B3=95=E5=B0=91=E5=A5=B3=E3=83=AA=E3=83=AB=E3=83=86=E3=83=81=E3= =83=85=E3=83=87=E3=81=A7=E3=81=99=E3=82=88=E3=80=82 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJNBAEBCgA3FiEEAbBRoIRjq1x/LhdPuT3EB6aJ2cMFAmD5vjAZHHBvbHlha292 QGxpbHRlY2hkdWRlLnh5egAKCRC5PcQHponZw3pBD/4+yasFdev3hqZHV1/pPbjZ woec1AT4M3bVK3gU1cszPXpCaQR9w8JsYaLwQk5Rjm0flUDB56tie8e0Iof1aAdU vPe8WjH9I7UZy8qVlXLKC63SD07rtEfOH5gicB4Ybfh5qj0d249K95va0ZYrzNN0 ImkHsW34pLMqGoFVdmQ9lZ53iAKdQQt+srjusgFg567Jbv9UL2//O2ArFQlMvAmk 9SZmc5v+4tN3XLnIFo/YwO/R5VpBl5UTN2kGvHQ5m4Fiqwcl/+ACWfHx4fqw8VP+ qcXGC7BjovNrwqdvZ01IcAxRu4lXWrNP4B8/vvYV79VlQtGzfKM5hkbOfgQ59GeV sgXDvjyU+VfXpOiTcYFBJ+OhtXUzdTv+5Xsy1ZijZChTNuHJ6qWjnnVH5dytCRjy rezAhvGaGOXeRJ6n9htgxPVUV5fOyomRJiKtOjMJmwTiL5NxxZjEGbkkf2TL6fXf S/zx8ojctzEEd4N1g+nUoxFC1z69AX/mtZxAakV6QqGZZ+PNMzP+HLR4n3VrJYW6 mcuBrO/38Rf/hvcvn3HJPcAoI8IRwmDhlt4sBI3vgV7202ctWxkFT338gdwTi1lx QU7YV/CmD52W63rhWGi37WFW8JqGXVxvVrkkE7Hl8xP+Nfo6X6puWt/zxWZn7keV IpHIcB3EvONPsvpWj2KFiA== =LE+G -----END PGP SIGNATURE----- --=-=-=--