Endpoints are not in sync (latest handshake)

Mats Loman mats.loman at rte.se
Wed Aug 24 05:32:51 UTC 2022 

> I have two wireguard endpoints that has different opinions about when the last handshake was made:
> 
> interface: wg0
>   public key: PauftxCvmti7CDDZ9yj6EKZ+r9zQj6gjb9hvP1whzwQ=
>   private key: (hidden)
>   listening port: 17395
>
> peer: s5dnr91F06+AQ/3o5urOM5Dc1f0gzHOsGjwD+AEmwDA=
>   endpoint: 192.168.201.24:17395
>   allowed ips: 192.168.26.197/32, 192.168.201.38/32
>   latest handshake: 8 hours, 42 minutes, 30 seconds ago
>   transfer: 260.73 GiB received, 313.35 GiB sent
>
> And:
>
> interface: wg0
>   public key: s5dnr91F06+AQ/3o5urOM5Dc1f0gzHOsGjwD+AEmwDA=
>   private key: (hidden)
>   listening port: 17395
>
> peer: PauftxCvmti7CDDZ9yj6EKZ+r9zQj6gjb9hvP1whzwQ=
>   endpoint: 192.168.201.23:17395
>   allowed ips: 192.168.26.200/32, 192.168.201.249/32
>   latest handshake: 2 minutes, 15 seconds ago
>   transfer: 282.13 GiB received, 276.13 GiB sent
> 
> It is not possible  to send data through the tunnel  in both directions only in one direction.
> 
> It is pretty easy to repeat this situation:
> Send UDP packets through the tunnel at a speed that wireguard cannot keep up with. I expect packet loss in this case but not that the tunnel is "partially closed".
>
> Any ideas?
> 
> Best regards,
> Mats Loman

Adding more information:

One side:

.
.
.
[71254.512872] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71254.512939] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71254.527580] wireguard: wg0: Keypair 1399 destroyed for peer 2
[71254.527642] wireguard: wg0: Keypair 1400 created for peer 2
[71284.585205] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71284.585267] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71284.592697] wireguard: wg0: Keypair 1400 destroyed for peer 2
[71284.592715] wireguard: wg0: Keypair 1401 created for peer 2
[71314.024610] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71314.024671] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71314.032095] wireguard: wg0: Keypair 1401 destroyed for peer 2
[71314.032113] wireguard: wg0: Keypair 1402 created for peer 2
[71344.744295] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71344.744356] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71344.751780] wireguard: wg0: Keypair 1402 destroyed for peer 2
[71344.751799] wireguard: wg0: Keypair 1403 created for peer 2
[71362.663988] wireguard: wg0: Receiving handshake initiation from peer 2 (192.168.201.48:17395)
[71362.664048] wireguard: wg0: Sending handshake response to peer 2 (192.168.201.48:17395)
[71362.671474] wireguard: wg0: Keypair 1403 destroyed for peer 2
[71362.671493] wireguard: wg0: Keypair 1404 created for peer 2

The other side:

.
.
.
[71974.055151] wireguard: wg0: Sending handshake initiation to peer 12 (192.168.201.47:17395)
[71974.076684] wireguard: wg0: Receiving handshake response from peer 12 (192.168.201.47:17395)
[71974.076775] wireguard: wg0: Keypair 1427 destroyed for peer 12
[71974.076789] wireguard: wg0: Keypair 1429 created for peer 12
[71974.076815] wireguard: wg0: Sending keepalive packet to peer 12 (192.168.201.47:17395)
[72004.134540] wireguard: wg0: Retrying handshake with peer 12 (192.168.201.47:17395) because we stopped hearing back after 15 seconds
[72004.134650] wireguard: wg0: Sending handshake initiation to peer 12 (192.168.201.47:17395)
[72004.155991] wireguard: wg0: Receiving handshake response from peer 12 (192.168.201.47:17395)
[72004.156080] wireguard: wg0: Keypair 1428 destroyed for peer 12
[72004.156094] wireguard: wg0: Keypair 1430 created for peer 12
[72004.156121] wireguard: wg0: Sending keepalive packet to peer 12 (192.168.201.47:17395)
[72025.894170] wireguard: wg0: Retrying handshake with peer 12 (192.168.201.47:17395) because we stopped hearing back after 15 seconds
[72025.894294] wireguard: wg0: Sending handshake initiation to peer 12 (192.168.201.47:17395)
[72025.915688] wireguard: wg0: Receiving handshake response from peer 12 (192.168.201.47:17395)
[72025.915779] wireguard: wg0: Keypair 1429 destroyed for peer 12
[72025.915794] wireguard: wg0: Keypair 1431 created for peer 12
[72025.915820] wireguard: wg0: Sending keepalive packet to peer 12 (192.168.201.47:17395)
[72041.893912] wireguard: wg0: Retrying handshake with peer 12 (192.168.201.47:17395) because we stopped hearing back after 15 seconds
[72041.894025] wireguard: wg0: Sending handshake initiation to peer 12 (192.168.201.47:17395)
[72041.915460] wireguard: wg0: Receiving handshake response from peer 12 (192.168.201.47:17395)
[72041.915551] wireguard: wg0: Keypair 1430 destroyed for peer 12
[72041.915566] wireguard: wg0: Keypair 1432 created for peer 12
[72041.915591] wireguard: wg0: Sending keepalive packet to peer 12 (192.168.201.47:17395)


/Mats Loman

More information about the WireGuard mailing list