macOS wireguard client: traffic to wireguard interface self IP travels through VPN server
Dmitrij Gusev
dmitrij.gusev at zealid.com
Wed Jan 6 16:46:40 UTC 2021
Hello.
We just started to use the WireGuard VPN in our company.
Thanks for the great software!
I discovered, that while using the macOS wireguard client a traffic to the wireguard interface self IP travels through VPN server.
So for example if I ping wireguard interface self IP from macOS machine - both echo-request and echo-reply goes through WireGuard VPN server’s nftables “forward" chain.
Normally this kind of traffic is expected to travel locally.
Is it a bug in the WireGuard macOS client or is it related to macOS network (tunnel) stack glitches?
Are you already aware of a such behaviour?
macOS Big Sur version 11.1
WireGuard app version 1.0.12 (22)
macOS wireguard config looks like this:
[Interface]
PrivateKey = <PRIV KEY>
Address = 10.0.0.5/24
DNS = 10.1.0.53, example.local
[Peer]
PublicKey = <PUB KEY>
AllowedIPs = 0.0.0.0/0
Endpoint = vpn-srv.example.com:28283
PersistentKeepalive = 20
Thanks,
Dmitrij Gusev
System Architect
dmitrij.gusev at zealid.com
+370 6330 5550
ZealiD
More information about the WireGuard
mailing list