Ubuntu
network-manager package

  1. Bug #1955589
  2. Activity log

Activity log for bug #1955589

Date Who What changed Old value New value Message
2021-12-22 21:36:28 Paweł Dembicki bug added bug
2021-12-22 21:38:58 Paweł Dembicki description lsb_release -rd Description: Ubuntu 21.10 Release: 21.10 Wireguard from network-manager deosn't create route to server ip. It's a problem when "allowed ips" '0.0.0.0/0' are used. Steps to reproduce: Create wireguard connection with 0.0.0.0/0 Steps to workaround: add route 'ip ro add <SERVER IP> via <REGULAR GATEWAY>' Example: root@laptop:/home/krolik# nmcli wg0: connected to YYYYYY "wg0" wireguard, sw, mtu 1420 ip4 default inet4 172.16.15.5/24 route4 172.16.15.0/24 route4 0.0.0.0/0 route4 0.0.0.0/0 wlp2s0: connected to ZZZZZZ "Intel 8265 / 8275" wifi (iwlwifi), 98:2C:BC:28:4D:99, hw, mtu 1500 inet4 192.168.74.88/24 route4 192.168.74.0/24 route4 169.254.0.0/16 route4 0.0.0.0/0 inet6 fe80::855c:d923:50d1:f012/64 route6 fe80::/64 DNS configuration: servers: 8.8.8.8 interface: wg0 type: vpn servers: 8.8.8.8 interface: wlp2s0 Use "nmcli device show" to get complete information about known devices and "nmcli connection show" to get an overview on active connection profiles. Consult nmcli(1) and nmcli-examples(7) manual pages for complete usage details. root@laptop:/home/krolik# wg interface: wg0 public key: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ private key: (hidden) listening port: 35784 fwmark: 0xcaf8 peer: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ endpoint: <SERVER IP>:22223 allowed ips: 0.0.0.0/0 transfer: 0 B received, 1.01 KiB sent root@laptop:/home/krolik# ping 172.16.15.3 PING 172.16.15.3 (172.16.15.3) 56(84) bytes of data. ^C --- 172.16.15.3 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1006ms root@laptop:/home/krolik# ip ro add <SERVER IP>/32 via 192.168.74.1 root@laptop:/home/krolik# wg interface: wg0 public key: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ private key: (hidden) listening port: 35784 fwmark: 0xcaf8 peer: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ endpoint: 178.235.52.140:22223 allowed ips: 0.0.0.0/0 latest handshake: 4 seconds ago transfer: 29.73 KiB received, 36.85 KiB sent root@laptop:/home/krolik# ip ro default via 172.16.15.3 dev wg0 proto static metric 50 default via 192.168.74.1 dev wlp2s0 proto static metric 600 169.254.0.0/16 dev wlp2s0 scope link metric 1000 172.16.15.0/24 dev wg0 proto kernel scope link src 172.16.15.5 metric 50 178.235.52.140 via 192.168.74.1 dev wlp2s0 192.168.74.0/24 dev wlp2s0 proto kernel scope link src 192.168.74.88 metric 600 root@laptop:/home/krolik# ping 172.16.15.3 PING 172.16.15.3 (172.16.15.3) 56(84) bytes of data. 64 bytes from 172.16.15.3: icmp_seq=1 ttl=64 time=48.7 ms 64 bytes from 172.16.15.3: icmp_seq=2 ttl=64 time=48.0 ms 64 bytes from 172.16.15.3: icmp_seq=3 ttl=64 time=46.8 ms 64 bytes from 172.16.15.3: icmp_seq=4 ttl=64 time=45.5 ms ^C --- 172.16.15.3 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3003ms rtt min/avg/max/mdev = 45.473/47.266/48.743/1.245 ms lsb_release -rd Description: Ubuntu 21.10 Release: 21.10 Wireguard from network-manager deosn't create route to server ip. It's a problem when "allowed ips" '0.0.0.0/0' are used. Steps to reproduce: Create wireguard connection with 0.0.0.0/0 Steps to workaround: add route 'ip ro add <SERVER IP> via <REGULAR GATEWAY>' Example: root@laptop:/home/krolik# nmcli wg0: connected to YYYYYY         "wg0"         wireguard, sw, mtu 1420         ip4 default         inet4 172.16.15.5/24         route4 172.16.15.0/24         route4 0.0.0.0/0         route4 0.0.0.0/0 wlp2s0: connected to ZZZZZZ         "Intel 8265 / 8275"         wifi (iwlwifi), 98:2C:BC:28:4D:99, hw, mtu 1500         inet4 192.168.74.88/24         route4 192.168.74.0/24         route4 169.254.0.0/16         route4 0.0.0.0/0         inet6 fe80::855c:d923:50d1:f012/64         route6 fe80::/64 DNS configuration:         servers: 8.8.8.8         interface: wg0         type: vpn         servers: 8.8.8.8         interface: wlp2s0 Use "nmcli device show" to get complete information about known devices and "nmcli connection show" to get an overview on active connection profiles. Consult nmcli(1) and nmcli-examples(7) manual pages for complete usage details. root@laptop:/home/krolik# wg interface: wg0   public key: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ   private key: (hidden)   listening port: 35784   fwmark: 0xcaf8 peer: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ   endpoint: <SERVER IP>:22223   allowed ips: 0.0.0.0/0   transfer: 0 B received, 1.01 KiB sent root@laptop:/home/krolik# ping 172.16.15.3 PING 172.16.15.3 (172.16.15.3) 56(84) bytes of data. ^C --- 172.16.15.3 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1006ms root@laptop:/home/krolik# ip ro add <SERVER IP>/32 via 192.168.74.1 root@laptop:/home/krolik# wg interface: wg0   public key: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ   private key: (hidden)   listening port: 35784   fwmark: 0xcaf8 peer: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ   endpoint: 178.235.52.140:22223   allowed ips: 0.0.0.0/0   latest handshake: 4 seconds ago   transfer: 29.73 KiB received, 36.85 KiB sent root@laptop:/home/krolik# ip ro default via 172.16.15.3 dev wg0 proto static metric 50 default via 192.168.74.1 dev wlp2s0 proto static metric 600 169.254.0.0/16 dev wlp2s0 scope link metric 1000 172.16.15.0/24 dev wg0 proto kernel scope link src 172.16.15.5 metric 50 <SERVER IP> via 192.168.74.1 dev wlp2s0 192.168.74.0/24 dev wlp2s0 proto kernel scope link src 192.168.74.88 metric 600 root@laptop:/home/krolik# ping 172.16.15.3 PING 172.16.15.3 (172.16.15.3) 56(84) bytes of data. 64 bytes from 172.16.15.3: icmp_seq=1 ttl=64 time=48.7 ms 64 bytes from 172.16.15.3: icmp_seq=2 ttl=64 time=48.0 ms 64 bytes from 172.16.15.3: icmp_seq=3 ttl=64 time=46.8 ms 64 bytes from 172.16.15.3: icmp_seq=4 ttl=64 time=45.5 ms ^C --- 172.16.15.3 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3003ms rtt min/avg/max/mdev = 45.473/47.266/48.743/1.245 ms