Re: Samsung Galaxy S10e can’t reach local devices in network

[Jason A. Donenfeld]

Hi David,

I haven't seen other reports like this before, so I'm not really sure off hand.

Firstly, do the Macbook and the Thinkpad respond to pings in the first
place? Modern macOS and Windows have built-in firewalls that usually
prevent this. So make sure that the pings work without WireGuard part
of the equation. If you've done this, and it works without WireGuard,
and it doesn't work with WireGuard, then we can proceed assuming this
is an issue with WireGuard.

That config seems fine on a cursory glance. You mentioned that this
only happens on certain phones. Which Android phones work as intended,
and which do not? Which operating system versions are each of these
running? The more general information about this that you can provide,
the more we can narrow it down.

Between Android releases, there have been subtle changes in their
routing particulars, and between Android vendors, I've seen aggressive
power management policies affecting WireGuard, and between Android
configurations, I've seen newer features like DoH/DoT confusing the
VPN subsystem too. And there may be other weird patterns and quirks
too. If this really is a problem with "phone X but not phone Y," we'll
need some more smells to find out what's going on.

Alternatively, you can dump `ip route show table all` and `ip rule
show` and `iptables-save` on each of the phones and see if you notice
an obvious difference in the routing that netd sets up. That might not
lead to a fix of the issue, but it might add more precision to why
it's not working as intended.

Jason