[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: krijg Wireguard niet naar verwachting aan de gang met IPv6

Goedenmorgen!

[...] knip

>>
>> Iets om te proberen:
>> Onder 2a01:4f8:200:546b/64 bijvoorbeeld 2a01:4f8:200:546b:4653/80
>> hangen. Aan wireguard server geef je 2a01:4f8:200:546b:4653::1
>> Aan wireguard client geef je 2a01:4f8:200:546b:4653::2  [2]

Ik ben een stapje verder, hoop ik. Dank zover voor de assistentie.

Teruggezocht welk IPv6 addressen ik voorhanden had toen ik nog openvpn
gebruikte. Zoals gezegd, OpenVPN werkte niet meer na de overstap naar
Bullseye.

Ik neem de IPv6 addressen over van de openvpn configuratie. Weet niet
zeker of ik dat goed doe.

Ik heb nu wg0.conf op de client:

,----
| [Interface]
| Address= 10.93.15.2/24, 2a01:4f8:200:546b:0:9e15:9e15:2/64
| PrivateKey = <privatekey>
| 
| [Peer]
| PublicKey = P3GrgaFCxj6gc6CnOUPo8vxBtKaOcKa7wa8LoL1oUl0=
| Endpoint = [2a01:4f8:200:546b::9e15:1]:51820
| AllowedIPs = 0.0.0.0/0, ::/0
| 
| PersistentKeepalive = 25
`----

en op de server

,----
| [Interface]
| Address = 10.93.15.1/24, 2a01:4f8:200:546b:0:9e15:9e15:1/64
| PrivateKey = <privatekey>
| ListenPort = 51820
| 
| [Peer]
| PublicKey = nRwfI98C+AFDaLZuaF1i7YWrj7yQDHrQO07XvivGn2U=
| AllowedIPs = 10.93.15.2/32, 2a01:4f8:200:546b:0:9e15:9e15:2/128
`----

als ik nu beiden aanzet:

client:

wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.93.15.2/24 dev wg0
[#] ip -6 address add 2a01:4f8:200:546b:0:9e15:9e15:2/64 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] wg set wg0 fwmark 51820
[#] ip -6 route add ::/0 dev wg0 table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n


server:

wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.93.15.1/24 dev wg0
[#] ip -6 address add 2a01:4f8:200:546b:0:9e15:9e15:1/64 dev wg0
[#] ip link set mtu 1420 up dev wg0


en ping4 en ping6 vallen nu beiden stil (!)

ping4 ping.xs4all.nl
PING  (194.109.6.8) 56(84) bytes of data.
^C
---  ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 8186ms

root@inauditus:/etc/wireguard# ping6 ping.xs4all.nl
PING ping.xs4all.nl(ping.xs4all.nl (2001:888:0:5::1)) 56 data bytes
^C
--- ping.xs4all.nl ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 7147ms

Lijkt me dat ik op de goede weg ben.
Reply to: