RX Errors from Android Peer

Eddie stunnel at attglobal.net
Thu Apr 26 00:28:40 CEST 2018


Not sure I follow you.

The Android app, I thought, was designed to send all traffic out via the 
tunnel.  It's configuration would be, in Linux format:

Address =
PrivateKey = Android private key

PublicKey = Linux public key
AllowedIPs =, ::/0
Endpoint = MyServer.net:51820

So all the traffic sent, should be from  The 
corresponding Linux configuration is:

PrivateKey = Linux private key
ListenPort = 51820

PublicKey = Android public key
AllowedIPs =

PublicKey = Laptop public key
AllowedIPs =

The RX errors go up immediately I connect and stop increasing when I 
disconnect.  They are NOT random pokes at my server from script-kiddies, 
which i would have thought would have been dropped silently.

So, I don't see how the source IP wouldn't match the allowed-ip.


On 4/25/2018 2:18 PM, Jason A. Donenfeld wrote:
> Hi Eddie,
> Those RX frame errors are caused by the interface receiving packets
> that have a source IP not included in the allowed-ips list of the
> peer.
> https://git.zx2c4.com/WireGuard/tree/src/receive.c#n351
> Jason

More information about the WireGuard mailing list