Syntax for iperf3 to use over pair wireguard interfaces on a LAN?
John
graysky at archlinux.us
Tue Dec 18 20:49:03 CET 2018
I want to get iperf3 to benchmark a simple wireguard setup on my LAN.
I have two machines, foo is 192.168.1.228 and bar is 192.168.1.112.
These IP addresses are fully functional on their respective eth0
interfaces. Each one also has a wg0 interface configured as shown
below. I can get iperf3 to work over the non-wireguard interfaces,
but not over the wireguard interfaces. What am using iperf3 wrong?
Did I misconfigure wg?
Details:
Here are the /etc/wireguard/wg0.conf files for both machines (I don't
care if the public/private keys are present/this is only a test
environment and it will allow others to simply copy/paste if they want
to test as well):
On foo:
####
[Interface]
Address = 10.0.9.15/24
SaveConfig = true
ListenPort = 500
PrivateKey = kLac+M+JJJ+gpsKo1DeUyfuwfDwGeKMj81+M3Z3mUkw=
[Peer]
PublicKey = y6DrsFVIgqBMc8joSuEytCpQEywk5dPKRoeLZZC9H34=
AllowedIPs = 10.0.9.16/32
####
On bar:
####
[Interface]
Address = 10.0.9.16/24
SaveConfig = true
ListenPort = 500
FwMark = 0xca6c
PrivateKey = 4EwMqSyvLaHrv5JvAAyKnmdbw9UN4rsjydkPXb5ll28=
[Peer]
PublicKey = SkBs9t96znOr+d60tgPlXkp7z6YABvfxD9KNVzZIP3I=
AllowedIPs = 0.0.0.0/0
Endpoint = 192.168.1.228:500
####
Again, both wireguard interfaces are up and connected. For example, on foo:
# wg
interface: wg0
public key: SkBs9t96znOr+d60tgPlXkp7z6YABvfxD9KNVzZIP3I=
private key: (hidden)
listening port: 500
peer: y6DrsFVIgqBMc8joSuEytCpQEywk5dPKRoeLZZC9H34=
endpoint: 192.168.1.112:500
allowed ips: 10.0.9.16/32
latest handshake: 10 minutes, 41 seconds ago
transfer: 32.45 KiB received, 8.24 KiB sent
If I run iperf3 in server mode on foo and in client mode on bar, it
works as expected using the non-wireguard interfaces:
On foo:
% iperf3 -s -B 192.168.1.228
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------
Accepted connection from 192.168.1.112, port 58575
[ 5] local 192.168.1.228 port 5201 connected to 192.168.1.112 port 46261
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.00 sec 107 MBytes 900 Mbits/sec
[ 5] 1.00-2.00 sec 112 MBytes 939 Mbits/sec
[ 5] 2.00-3.00 sec 112 MBytes 940 Mbits/sec
[ 5] 3.00-4.00 sec 112 MBytes 938 Mbits/sec
[ 5] 4.00-5.00 sec 112 MBytes 940 Mbits/sec
[ 5] 4.00-5.00 sec 112 MBytes 940 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bitrate
[ 5] 0.00-5.00 sec 596 MBytes 1.00 Gbits/sec receiver
iperf3: the client has terminated
On bar:
% iperf3 -c 192.168.1.228 -B 192.168.1.112
Connecting to host 192.168.1.228, port 5201
[ 5] local 192.168.1.112 port 46261 connected to 192.168.1.228 port 5201
[ ID] Interval Transfer Bitrate Retr Cwnd
[ 5] 0.00-1.00 sec 113 MBytes 950 Mbits/sec 0 281 KBytes
[ 5] 1.00-2.00 sec 112 MBytes 939 Mbits/sec 0 296 KBytes
[ 5] 2.00-3.00 sec 112 MBytes 938 Mbits/sec 0 296 KBytes
[ 5] 3.00-4.00 sec 112 MBytes 938 Mbits/sec 0 296 KBytes
[ 5] 4.00-5.00 sec 112 MBytes 944 Mbits/sec 0 308 KBytes
^C[ 5] 5.00-5.33 sec 36.7 MBytes 939 Mbits/sec 0 308 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-5.33 sec 598 MBytes 942 Mbits/sec 0 sender
[ 5] 0.00-5.33 sec 0.00 Bytes 0.00 bits/sec receiver
iperf3: interrupt - the client has terminated
When I try using the IP addresses of the respective wireguard
interfaces, I get nothing:
On foo:
% iperf3 -s -B 10.0.9.15
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------
On bar:
% iperf3 -c 10.0.9.15 -B 10.0.9.16
iperf3: error - unable to connect to server: Connection timed outa
More information about the WireGuard
mailing list