<html><head></head><body><div class="ydp106fda73yahoo-style-wrap" style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif; font-size: 13px;"><div></div>
<div dir="ltr" data-setdir="false">Hi Eddie,</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Thanks for the response, I figured is was something with either the kernel or iproute and I guess either the kernel does not support it or the iproute2 version does not "completely support it" or has a bug.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">On your note about updating the kernel, the funny thing is initially I tried this on Oracle Linux (that comes with <span style="orphans: 2; white-space: pre-wrap; widows: 2;">4.14.35-1902.3.1.el7uek.x86_64</span>) by default and when I was ending up in kernel panics, so I though it might be because the kernel is too new or something.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">For the moment I resolved my problem installing a Ubuntu that works without any issue.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">I still have the Oracle Linux machine (<span style="orphans: 2; white-space: pre-wrap; widows: 2;">4.14.35-1902.3.1.el7uek.x86_64</span>) so if anyone want to me to do any debug and provide the response, I am happy to do it.</div><div><br></div><div dir="ltr" data-setdir="false">Although it might or not be relevant all are Virtual Machine in Hyper-v, both the ubuntu one(working) and the Centos(failing one) and the Oracle Linux(kernel panics one)</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Thanks</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">George</div><div><br></div>
</div><div id="ydp4c9f00cyahoo_quoted_0017166492" class="ydp4c9f00cyahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Tuesday, 24 September 2019, 06:29:07 pm GMT+3, Eddie <stunnel@attglobal.net> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div id="ydp4c9f00cyiv8422985666"><div>
I'll just repeat verbatim the response I got from Silvan (thank you)
when I reported the same issue previously:<br clear="none">
<br clear="none">
The main problem is that the current standard kernel of CentOS
simple does not support the handling of "suppress_prefixlength".
<br clear="none">
Iproute2 supports it since it does not return any error while adding
so it had to be the kernel causing problems.
<br clear="none">
In essence Red Hats official answer was "It isn't a bug, RHEL7
simple does not support it".
<br clear="none">
If you sill want to fix your problem just upgrade your kernel to
long-term or mainline.
<br clear="none">
<br clear="none">
Cheers.<br clear="none">
<br clear="none">
<div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd86823"><div class="ydp4c9f00cyiv8422985666moz-cite-prefix">On 9/16/2019 11:47 AM, George Lucan
wrote:<br clear="none">
</div>
<blockquote type="cite">
</blockquote></div></div><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd13712"></div><div><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd31415"><div class="ydp4c9f00cyiv8422985666ydpb7fc655cyahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:13px;">
<div dir="ltr">Hello,</div>
<div dir="ltr"><br clear="none">
</div>
<div dir="ltr">Some further investigations
have revealed that actually the "second main" table gets
created by the last command executed by wg-quick "<span style="orphans:2;white-space:pre-wrap;widows:2;">ip -4 rule add table main suppress_prefixlength 0</span>".
Will try to figure out what is happening further.</div>
<div dir="ltr"><br clear="none">
</div>
<div dir="ltr">George</div>
<div><br clear="none">
</div>
</div>
</div><div class="ydp4c9f00cyiv8422985666ydp88fb36beyahoo_quoted" id="ydp4c9f00cyiv8422985666ydp88fb36beyahoo_quoted_8919518802"><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd99347">
</div><div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;"><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd87614">
<div> On Sunday, 15 September 2019, 9:32:41 pm GMT+3, George
Lucan <a shape="rect" class="ydp4c9f00cyiv8422985666moz-txt-link-rfc2396E" href="mailto:boss_geo2005@yahoo.com" rel="nofollow" target="_blank"><boss_geo2005@yahoo.com></a> wrote: </div>
<div><br clear="none">
</div>
<div><br clear="none">
</div>
</div><div><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd90640">
</div><div id="ydp4c9f00cyiv8422985666ydp88fb36beyiv3767299611"><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd08887">
</div><div><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd84484">
</div><div class="ydp4c9f00cyiv8422985666ydp88fb36beyiv3767299611ydpceb13acfyahoo-style-wrap" style="font-size:13px;"><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd78251">
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">Hello,</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;"><br clear="none">
</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">I have been trying
for several days to setup a wireguard vpn and send
all the traffic from a VM to another site (redirect
gateway scenario).</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;"><br clear="none">
</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">Site A</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">OS is Centos 7.6
installed with docker and wireguard installed</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;"><br clear="none">
</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">Site B</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">OS is a Opensense
19.7.4 with wireguard installed from the plugin and
a bunch of other things on it</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;"><br clear="none">
</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">I believe the issue
is within Ip route on Centos 7.6 but I am reaching
out for maybe different opinions.</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">On the Centos VM I am
using wireguard installed from the repos on the
website and using systemd to bring up the tunnel.
Everything seem to be brought up correctly except
that the traffic does not go through the tunnel.</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;"><br clear="none">
</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">Further investigating
I noticed something unusual (in my opinion).</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;"><br clear="none">
</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">Before the tunnel is
up:</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">
<div dir="ltr">
<pre style="orphans:2;widows:2;">#ip rule show
0: from all lookup local
32766: from all lookup main
32767: from all lookup default </pre>
</div>
</div>
<div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">After the tunnel is
up:</div>
<div dir="ltr">
<div dir="ltr">
<pre style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;orphans:2;widows:2;">#ip rule show
0: from all lookup local
32764: from all lookup main
32765: not from all fwmark 0xca6c lookup 51820
32766: from all lookup main
32767: from all lookup default </pre>
<pre style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;orphans:2;widows:2;"><span><span style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">To me is seems like somehow there are 2 tables named "main" one after the new table created by wg-quick (looking at the priority it seems it is the same one that was present previously) and another one that gets create out of thin air before the wireguard created one named 51820.</span></span></pre>
<pre style="orphans:2;widows:2;"><span style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;">Ping works through the tunnel for IP to the other end of the tunnel</span></pre>
<pre style="orphans:2;widows:2;"></pre><div dir="ltr"><pre>#wg
interface: wg0
public key: 8JXLXfl1W2xZd1T+zaCKSNB+FhUbb1IquIHvHhY7/iY=
private key: (hidden)
listening port: 34559
fwmark: 0xca6c
peer: 04kTPSrh08X5uOCmL5aM1iCm8UqFHGtJDsrsPReafS8=
endpoint: 188.27.172.68:1300
allowed ips: 0.0.0.0/0
latest handshake: 1 minute, 41 seconds ago
transfer: 87.85 KiB received, 415.61 KiB sent
persistent keepalive: every 15 seconds</pre><pre></pre><div dir="ltr"><pre># ping 192.168.249.1
PING 192.168.249.1 (192.168.249.1) 56(84) bytes of data.
64 bytes from 192.168.249.1: icmp_seq=1 ttl=64 time=89.2 ms
64 bytes from 192.168.249.1: icmp_seq=2 ttl=64 time=89.5 ms</pre></div></div>
</div>
</div>
</div><div dir="ltr" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;"><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd01669"><span>
</span><pre style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;orphans:2;widows:2;">Is there any step that I might have missed or any kernel feature that would explain the behaviour?</pre>
<pre style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;orphans:2;widows:2;">Worth mentioning it is a home env so I can test whatever is needed to get to the bottom of it.</pre>
<pre style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;orphans:2;widows:2;"></pre>
<pre style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;orphans:2;widows:2;">Thanks</pre>
<pre style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;orphans:2;widows:2;"></pre>
<pre style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;orphans:2;widows:2;">George</pre></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br clear="none">
<fieldset class="ydp4c9f00cyiv8422985666mimeAttachmentHeader"></fieldset>
<pre class="ydp4c9f00cyiv8422985666moz-quote-pre">_______________________________________________
WireGuard mailing list
<a shape="rect" class="ydp4c9f00cyiv8422985666moz-txt-link-abbreviated" href="mailto:WireGuard@lists.zx2c4.com" rel="nofollow" target="_blank">WireGuard@lists.zx2c4.com</a>
<a shape="rect" class="ydp4c9f00cyiv8422985666moz-txt-link-freetext" href="https://lists.zx2c4.com/mailman/listinfo/wireguard" rel="nofollow" target="_blank">https://lists.zx2c4.com/mailman/listinfo/wireguard</a><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd08795">
</div></pre><div class="ydp4c9f00cyiv8422985666yqt0485898892" id="ydp4c9f00cyiv8422985666yqtfd34584">
<br clear="none">
</div></div></div></div>
</div>
</div></body></html>