Troubleshooting WireGuard connections
Riccardo Berto
riccardo at rcrdbrt.com
Sat Apr 14 00:36:25 CEST 2018
I didn't think about using tcpdump by checking the default interface,
thanks for the suggestion!
I updated to the April 2018 snapshot on every peer.
I removed the server endpoints and since I was there, switched the
server port to 51820, the protocol "default" one. It still works for the
laptop but not on the 2 Raspberry Pis. When I run `ping 10.0.0.1` from
one of them and `tcpdump -i ens3 'port 51820'` on the server, I promptly
get this message:
00:20:36.146370 IP (tos 0x0, ttl 52, id 16258, offset 0, flags [none],
proto UDP (17), length 176)
net-2-34-88-190.cust.vodafonedsl.it.51821 > rcrd-online.51820: [udp
sum ok] UDP, length 148
and it stops there, with no ping answers. When I stop the ping command
with Ctrl-C, after a few moments I get:
00:20:36.146853 IP (tos 0x88, ttl 64, id 12226, offset 0, flags [none],
proto UDP (17), length 120)
rcrd-online.51820 > net-2-34-88-190.cust.vodafonedsl.it.51821: [bad
udp cksum 0x8ebc -> 0xabb8!] UDP, length 92
and then STDOUT returns silent... Inexorably waiting for some other
packet that never arrives...
Trying `ping 10.0.0.1` from the laptop (that has always worked with 0
issues) works correctly but tcpdump on the server shows a bad UDP
checksum, not sure if this is expected behavior.
More information about the WireGuard
mailing list