WireGuard responses a Handshake Initiation packet with another Handshake Initiation instead of Handshake Response

Silvan Nagl mail at 53c70r.de
Thu Jun 3 19:30:39 UTC 2021


Reproducible:

Client_a <-> Gateway_a <-> Internet <-> Server_b

When Gateway_a changes its WAN-IP Client_a loses connection.
Capture files show the state after the IP change.

On 6/3/21 8:43 AM, Arınç ÜNAL wrote:
> I tried wg syncconf wg0 <(wg-quick strip wg0) without success.
>
> Only restarting wireguard by systemctl restart wg-quick at wg0 makes it
> respond with a Handshake Response packet.
>
> This happens really rarely and especially on OpenWrt 19.07 as a client.
>
> Other clients can handshake properly while the server fails to
> complete the handshake for the OpenWrt device.
>
> Packet Captures on boths sides are in the attachments.
>
> Server:
> 5.9.0-0.bpo.5-amd64 #1 SMP Debian 5.9.15-1~bpo10+1 (2020-12-31) x86_64 GNU/Linux
> wireguard-tools v1.0.20210223 - https://git.zx2c4.com/wireguard-tools/
> wireguard-dkms/buster-backports,now 1.0.20210219-1~bpo10+1
>
> Client:
> 4.14.221 #0 SMP Mon Feb 15 15:22:37 2021 armv7l GNU/Linux
> wireguard-tools v1.0.20191226 - https://git.zx2c4.com/wireguard-tools/
> kmod-wireguard 4.14.221+1.0.20200611-2
>
> Arınç Ü.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: server.pcap
Type: application/vnd.tcpdump.pcap
Size: 1054 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20210603/da84ecf5/attachment.pcap>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: client.pcap
Type: application/vnd.tcpdump.pcap
Size: 1260 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20210603/da84ecf5/attachment-0001.pcap>


More information about the WireGuard mailing list