something affects wg iface - how to troubleshoot ?

[Ashish]

On Thu, May 26, 2022 at 11:36:37AM +0100, lejeczek wrote:
> Hi guys.
> 
> I have quite a peculiar case which possibly might interest anybody - as
> oppose to just resolving an issue.
> I use a very popular monitoring tool 'monit' to monit my wg0 iface and that
> works okey, meaning 'monit' does not see any issue with wg0, but _only_ if
> 'qbittorrent' is _not_ running!
> When 'qbittorrent' is running 'monit' is reporting:
> 
> 'wg0' 5 upload errors detected
> 'wg0' trying to restart
> 'wg0' stop: '/usr/bin/systemctl stop wg-quick at wg0.service'
> 'wg0' start: '/usr/bin/systemctl start wg-quick at wg0.service'
> 'wg0' download errors check succeeded
> 
> in my case monit's action is to restart wg0 iface.
> 'qbittorrent' is not, should not be, particularly interested in wg0 iface.
> 
> What do you think is happening there? I'm on Centos 9. Is some kind of
> leakage or something more sinister happening there?
> Lastly, how to investigate this, how to tell what is happening to wg iface?

If I've to make a rough guess without looking at your exact monit configuration, I would say qbittorrent is choking the network interface, causing the wireguard packets to be delayed:

You can verify this by:

 - stopping all the upload/download activity in qbittorrent

 - if previous step works as expected for you, then you can implement some speed throttling in qbittorrent

You can also verifying by tcpdump-ing the underlying interface (e.g. eth0, and not wg0) for the wireguard traffic and see if it's going out, and coming back in as expected.

HTH
-- 
Ashish | GPG: F682 CDCC 39DC 0FEA E116  20B6 C746 CFA9 E74F A4B0

"If I destroy you, what business is it of yours ?" (Dark Forest, Liu Cixin)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20220531/52e70169/attachment.sig>