Re[2]: problem wireguard + ospf + unconnected tunnels

ae aeforeve at mail.ru
Fri Jul 7 17:47:02 CEST 2017


>So, is the problem you actually want help with actually getting A and C 
>to talk to eachother?
>If so, we'll need to see the configs you're using on both ends of the 
>tunnel. I'd also suggest checking your firewalls in this case.
>
>And ospf is simply refusing to use the A<->C but is still working just 
>fine across A<->B?
>If so, that's normal.
>If A<->B also stops working due to the "No buffer space available" 
>error, that is a bug with quagga. (which we can try to (get) fix(ed) in 
>that situation)
>
>Sorry if it seems obvious, I'm simply trying to get a grasp as to what 
>the actual problem you want help with is.
>
I gave an accurate description of the problem
Its essence is that the buffer overflow - which occurs when sending to the socket in the essence of being on an unconnected tunnel - blocks any other references from this socket to other networks

That is, a non-working tunnel can block ANY socket from which the traffic is sent to different points

If you do not consider this a problem - then indicate in the documentation that this tunnel is partially incompatible with the guage ospf and can lead to not just diagnosed problems in the network

And if you want to simulate the situation - then
wg setconf wg0 wg0.conf  (standart setting - tunnel to random host - 0.0.0.0/0 dst)
ip route add 10.192.122.3 dev wg0

import socket
import time
UDP_IP = "127.0.0.1"
UDP_PORT = 5005
UDP_IP2 = "10.192.122.3"
UDP_PORT2 = 5005
MESSAGE = "Hello, World!"
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) # UDP
n = 0
while True:
    print "send1", n
    sock.sendto(MESSAGE, (UDP_IP, UDP_PORT))
    print "send2", n
    sock.sendto(MESSAGE, (UDP_IP2, UDP_PORT2))
    time.sleep(0.1)
    n+=1


and run
The application will be blocked after 20 seconds
The application will be blocked after 20 seconds
it is not right

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20170707/eb65d79a/attachment.html>


More information about the WireGuard mailing list