25.07.r.20250709.2036 First Boot WireGuard Service not running
-
Hmm, like one tunnel out of several didn't come up? But others did?
-
@stephenw10 Yes. From time to time I see a problem like this but not often. But here it was both times.
-
@stephenw10 Just upgraded to 25.07.r.20250715.1733, it happened again.
The problematic tunnel also is the same.
Another reboot fixes it.
Sidenote: I had uninstalled Nexus before but it was re-added on upgrading 25.07.r.20250715.1733.
-
Yes, Nexus is a default package in Plus, it should always be installed.
-
And it happened again. Tomorrow I will recreate this WG-interface just to make sure.
<opt1> <descr><![CDATA[VPNcWgNtcpDirect]]></descr> <if>tun_wg7</if> <enable></enable> <spoofmac></spoofmac> <mtu>1420</mtu> <mss>1420</mss> <ipaddr>10.3.9.26</ipaddr> <subnet>29</subnet> <gateway>VPNcWgNtcpDirectGW</gateway> </opt1> -
I had recreated the interface, also moving it away from being opt1. Today I wanted to try the if_pppoe kernel module. After the mandatory reboot, not only was the WireGuard Service down again, also none of the tunnels were up... I switched back to the old module after having no success with WireGuard after another reboot. But even then it took two further reboots to have WireGuard working again. Right now it works with the new module according to the web-UI but I am really concerned what will happen at next reboot.
-
Hmm, so both the service and none of the tunnels were up after rebooting several times?
Nothing logged at boot or in the system log? No errors shown?
-
@stephenw10 Nothing at boot and nothing that pops into my eyes but I am not versed with the logs in general.
Some stuff:
Jul 20 17:30:38 vnstatd 44706 Interface "hn2.110" disabled. Jul 20 17:30:38 vnstatd 44706 Interface "hn2.111" disabled. Jul 20 17:30:38 vnstatd 44706 Interface "hn2.185" disabled. Jul 20 17:30:38 vnstatd 44706 Interface "hn2.35" disabled. Jul 20 17:30:38 vnstatd 44706 Interface "tun_wg7" disabled.These interfaces don't exist anymore, still they are in the logs, why.
Other stuff I picked...
Jul 20 17:30:38 vnstatd 50564 Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting. Jul 20 17:30:27 kernel wg5: changing name to 'tun_wg0' Jul 20 17:30:27 kernel tun_wg6: link state changed to UP Jul 20 17:30:27 kernel wg4: changing name to 'tun_wg6' Jul 20 17:30:27 kernel tun_wg5: link state changed to UP Jul 20 17:29:48 php-fpm 38554 /diag_reboot.php: The command '/usr/local/etc/rc.d/wireguardd stop' returned exit code '1', the output was 'umount: /var/unbound/dev: not a file system root directory'Interestingly same problem at next reboot. While I was going through the logs, I restarted WG in Service Status and it came up, happy about that.
-
@Bob-Dig said in 25.07.r.20250709.2036 First Boot WireGuard Service not running:
not only was the WireGuard Service down again, also none of the tunnels were up...
Correction: None of the gateways corresponding to the tunnels were up. Before, only one gateway wasn't up, now no gateway was up. Have to check with the tunnels next time, if they are partially up or not.
-
@stephenw10 The problem is persistent. On every boot the WireGuard service is disabled and all corresponding gateways are disabled too.
All the WireGuard tunnels are up. If I enable the gateways by hand and then restart WireGuard, it is running fine. At least this is a solution that works. -
@Bob-Dig said in 25.07.r.20250709.2036 First Boot WireGuard Service not running:
These interfaces don't exist anymore, still they are in the logs, why.
They probably still exist in the configuration file for one of the traffic monitoring packages, traffic totals maybe? Resaving that with existing interfaces should remove those lines but I doubt they are causing this.
That error stopping wireguard looks to have come from the reboot script. I assume that was after you manually rebooted but before the actual reboot?
@Bob-Dig said in 25.07.r.20250709.2036 First Boot WireGuard Service not running:
If I enable the gateways by hand and then restart WireGuard, it is running fine. At least this is a solution that works.
The wiregaurd tunnel gateways? Or the WAN gateways?
I wouldn't expect the WG gateways to be available if the wireguard service is stopped. Conversely I expect them to become available when it starts and I assume that isn't happening if you have to manually start them.
