Categories
Linux Network Security Ubuntu

WireGuard – Minor Bumps in the Road

A couple of issues I’ve ran into whilst using WireGuard:

IPv6 preferred over IPv4

I use DDNS at home on my Mikrotik with the /ip cloud feature, it is a really simple way to map a dynamic IP address to a static host name.

I used this static host name for the Wireguard server, unfortuantly the IPv6 address is for the router rather than the server.

WireGuard no matter how long I leave it for does not try use the IPv4 address if an IPv6 address is also present on the hostname

For now I have had to disable my IPv6 HE.net tunnel and stick with IPv4.

Pings and traffic suddenly stop working

After a period of time, I was unable to ping the clients at the other end of the WireGuard tunnel. I assume it was due to something, like Network Address Translation, timing out.

This was a fairly trival fix by adding by adding the PersistentKeepalive to the configuration

[Peer] 
PersistentKeepalive = 10

This sends a packet across the tunnel every 10 seconds to show any other network appliances that the traffic stream is ‘active’.

Leave a Reply

Your email address will not be published. Required fields are marked *