Source IP incorrect on multi homed systems
Nico Schottelius
nico.schottelius at ungleich.ch
Sun Feb 19 20:02:38 UTC 2023
Hello Christoph,
Christoph Loesch <wireguard-mail at chil.at> writes:
> @Nico: did you try to delete the affected route and add it again with the correct source IP ?
No, I did not because the routes are really dynamic on the affected
systems and I would need to overwrite the BGP routes with a better
metric, which in turn will likely break the return path.
> as I mentioned it in https://lists.zx2c4.com/pipermail/wireguard/2021-November/007324.html
>
> ip route del <NET>
> ip route add <NET> dev <ALIAS_DEV> src <SRC_IP>
>
> This way I was able to (at least temporary) fix this issue on multi homed systems.
Much appreciate the hint. However changing routes manually on as many
routers/vpn endpoints as we have is not a practical solution. To fix the
current project's issue we have shifted the VPN endpoint to a single
homed device for the moment.
Best regards,
Nico
--
Sustainable and modern Infrastructures by ungleich.ch
More information about the WireGuard
mailing list