Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    WireGuard interface IPv6 prefixlen

    Scheduled Pinned Locked Moved
    WireGuard
    4
    7
    650
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      Ghola
      last edited by

      I'm trying to set up two WireGuard tunnels. These are the addresses I have been provided:

      • 10.72.69.xxx/32,fc00:bbbb:bbbb:bb01::9:xxxx/128
      • 10.71.231.xxx/32,fc00:bbbb:bbbb:bb01::8:xxxx/128

      I can add the first one fine, but then I get this error when trying to add the second:

      The following input errors were detected:
      fc00:bbbb:bbbb:bb01::8:xxxx/128 is already configured on this firewall: OPT10 (fc00:bbbb:bbbb:bb01::9:xxxx/64)

      As the error indicates, the first interface seems to have been assigned a /64 rather than the specified /128. Confirmed with ifconfig wg0:

          inet 10.72.69.xxx netmask 0xffffffff
    inet6 fc00:bbbb:bbbb:bb01::9:xxxx prefixlen 64

      Am I missing something? This seems like a bug.

      dennis_sD 1 Reply Last reply Reply Quote 0
      • G
        Ghola
        last edited by Ghola

        I dug further into this. It is a bug. When I add the first interface, /etc/inc/web/wg.inc does this:

        /sbin/ifconfig 'wg0' inet6 'fc00:bbbb:bbbb:bb01::9:xxxx' netmask '255.255.255.255'

        If I apply the attached fix, it does this instead:

        /sbin/ifconfig 'wg0' inet6 'fc00:bbbb:bbbb:bb01::9:xxxx' prefixlen '128'

        wg.inc.patch

        ManateeM 1 Reply Last reply Reply Quote 2
        • ManateeM
          Manatee @Ghola
          last edited by

          This post is deleted!
          1 Reply Last reply Reply Quote 0
          • N
            nva
            last edited by nva

            Ahh a fellow Mullvad user. I had same problem and was going to post this. Are Netgate aware of this bug? I just take a look at bug tracker and it seems nobody posted this there. Tagging mod @dennis_s

            dennis_sD 1 Reply Last reply Reply Quote 0
            • dennis_sD
              dennis_s @nva
              last edited by

              @nva Thanks for the mention...let me bring this up to our engineers.

              1 Reply Last reply Reply Quote 1
              • dennis_sD
                dennis_s @Ghola
                last edited by dennis_s

                @ghola Can you please open a ticket on Redmine for this issue. You can find details of what is needed here.

                G 1 Reply Last reply Reply Quote 0
                • G
                  Ghola @dennis_s
                  last edited by

                  @dennis_s Sure! Opened bug #11618.

                  1 Reply Last reply Reply Quote 2
                  • First post
                    Last post