Date: Fri, 16 Sep 2022 12:51:36 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 261711] net/wireguard-kmod: Cannot send data over VXLAN / vtnet Message-ID: <bug-261711-7788-zBG40bCNSM@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-261711-7788@https.bugs.freebsd.org/bugzilla/> References: <bug-261711-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D261711 --- Comment #7 from marco@tols.org --- Hi there, I have the same issue. Hopefully my submission of uname -a and pkg info wireguard-kmod will help this bug progress further. I'm sure if this bug g= ets resolved, it will also resolve my issue. For completeness my setup is this: - 2x 13.1-RELEASE-p2 host - no firewalls active - Working wireguard setup (can ssh from one to the other via the wireguard = IPs) - Working vxlan over ipsec setup, traffic across the vxlan tunnel ends up on the other side. In my case the vxlan interfaces are bridged to a real interface so that I end up having a stretched ethernet network. When I change the vxlanlocal and vxlanremote on both ends from the ipsec ip addresses to the wireguard ip adresses the traffic across the vxlan tunnel = does not end up on the other side any more. I do see the udp/4789 packets arriv= e on the wg0 interface, but they don't seem to make it into the vxlan interface. My suspicion is that by the time the packets get decrypted by the wireguard setup, it's too late to have them get processed by vxlan. This is pure speculation. My `uname -a` is this: (identical on both ends) FreeBSD <hostname> 13.1-RELEASE-p2 FreeBSD 13.1-RELEASE-p2 GENERIC amd64 my `pkg info wireguard-kmod` is this: wireguard-kmod-0.0.20220615 Name : wireguard-kmod Version : 0.0.20220615 Installed on : Fri Sep 16 11:29:06 2022 CEST Origin : net/wireguard-kmod Architecture : FreeBSD:13:amd64 Prefix : /usr/local Categories : net-vpn net kld Licenses : MIT Maintainer : decke@FreeBSD.org WWW : https://git.zx2c4.com/wireguard-freebsd/ Comment : WireGuard implementation for the FreeBSD kernel Annotations : FreeBSD_version: 1301000 repo_type : binary repository : FreeBSD Flat size : 144KiB Description : Kernel module for FreeBSD to support Wireguard. At this time this code is new, unvetted, possibly buggy, and should be considered "experimental". It might contain security issues. We gladly welcome your testing and bug reports, but do keep in mind that this code is new, so some caution should be exercised at the moment for using it in mission critical environments. WWW: https://git.zx2c4.com/wireguard-freebsd/ --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-261711-7788-zBG40bCNSM>