Thanks David Yes I have seen this and I am setting the keepalive when doing an upgrade. This one is directly connected though.
Regards Michael Knill From: David Kerr <[email protected]> Reply to: AstLinux List <[email protected]> Date: Wednesday, 19 May 2021 at 7:42 am To: AstLinux List <[email protected]> Subject: Re: [Astlinux-users] Wireguard VPN disconnection I've had some recent problems with wireguard disconnecting (or not reconnecting) from a remote system behind NAT. I discovered that setting PersistentKeepalive to something other than zero (I set to 25) helped. I did it at both ends, but might only have been required for the system behind the NAT. David On Tue, May 18, 2021 at 5:32 PM Lonnie Abelbeck <[email protected]<mailto:[email protected]>> wrote: reboot You should not do a "service network restart" Lonnie > On May 18, 2021, at 4:27 PM, Michael Knill > <[email protected]<mailto:[email protected]>> > wrote: > > Hmm same problem again with two of my sites. > Only one of the two Wireguard VPN's are down. I have tried the following: > arno-iptables-firewall restart > service network restart > pppoe-restart > ip link set dev wg0 down & ip link set dev wg0 up > > All to no avail. Any other ideas before I reboot? > PS there is no failover configured for this site so I don't think MTU is the > issue. > > Regards > Michael Knill > > On 20/3/21, 2:09 pm, "Michael Knill" > <[email protected]<mailto:[email protected]>> > wrote: > > Thanks. Guess I will need to test it out. > > Regards > Michael Knill > > On 20/3/21, 2:03 pm, "Lonnie Abelbeck" > <[email protected]<mailto:[email protected]>> wrote: > > While playing with the WG MTU, it seemed to work with only setting one > end and the tunnel used the smallest, but I played it safe and set everything > to 1340. > > It would be good to know what the precise answer is. > > Lonnie > > >> On Mar 19, 2021, at 9:57 PM, Michael Knill >> <[email protected]<mailto:[email protected]>> >> wrote: >> >> Thanks Lonnie. >> >> PS I was just thinking (dangerous I know). I would need to set it on both >> ends so do you think there would there be any issues with different MTU's at >> each end? >> Ultimately it would be the same eventually but there would be a migration >> period. >> >> Regards >> Michael Knill >> >> On 20/3/21, 1:41 pm, "Lonnie Abelbeck" >> <[email protected]<mailto:[email protected]>> wrote: >> >> I haven't seen any issues with a WG MTU of 1340, yet anyway. >> >> Lonnie >> >> >>> On Mar 19, 2021, at 9:29 PM, Michael Knill >>> <[email protected]<mailto:[email protected]>> >>> wrote: >>> >>> Thanks Lonnie >>> >>> Hmm that may have something to do with it. Might also be when it fails over >>> to 4G. >>> As most of my VPN's carry voice only, I think a standard MTU of 1340 for >>> all my systems should be fine. What do you think? >>> >>> Regards >>> Michael Knill >>> >>> On 20/3/21, 10:40 am, "Lonnie Abelbeck" >>> <[email protected]<mailto:[email protected]>> wrote: >>> >>> Hi Michael, >>> >>> I have not experienced anything like that, WireGuard connectivity is rock >>> solid for me. >>> >>> I don't recall later WireGuard versions having any fixes for what you are >>> describing. >>> >>> Just guessing, the standard MTU for WG is 1420 (1500-80), if you have a >>> PPPoE connection with a MTU of 1492 you might try setting the WG MTU to >>> 1412 (1500-8-80) or lower to test. >>> >>> I'm testing a 4G-LTE/5G fixed wireless internet service from T-Mobile, >>> they use Carrier Grade NAT (CGNAT) for IPv4 which lowers the MTU to 1420 >>> (just like WG) so WG needs a MTU setting of 1340 to work over the CGNAT or >>> else it hangs. >>> >>> Lonnie >>> >>> >>> >>> >>>> On Mar 19, 2021, at 3:42 PM, Michael Knill >>>> <[email protected]<mailto:[email protected]>> >>>> wrote: >>>> >>>> Hi Group >>>> >>>> Not sure if anyone else is experiencing this. I'm on 1.3.10 and all my >>>> systems connect via Wireguard VPN to both my softswitches. >>>> Its generally all pretty stable but occasionally one of the VPN’s will be >>>> disconnected and I have tried everything I can think of to bring it back >>>> up but only a reboot has managed to do so at this stage. >>>> Any ideas? >>>> >>>> Regards >>>> Michael Knill >>>> _______________________________________________ >>>> Astlinux-users mailing list >>>> [email protected]<mailto:[email protected]> >>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>>> >>>> Donations to support AstLinux are graciously accepted via PayPal to >>>> [email protected]<mailto:[email protected]>. >>> >>> >>> >>> _______________________________________________ >>> Astlinux-users mailing list >>> >>> [email protected]<mailto:[email protected]> >>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>> >>> Donations to support AstLinux are graciously accepted via PayPal to >>> [email protected]<mailto:[email protected]>. >>> >>> >>> _______________________________________________ >>> Astlinux-users mailing list >>> [email protected]<mailto:[email protected]> >>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>> >>> Donations to support AstLinux are graciously accepted via PayPal to >>> [email protected]<mailto:[email protected]>. >> >> >> >> _______________________________________________ >> Astlinux-users mailing list >> >> [email protected]<mailto:[email protected]> >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to >> [email protected]<mailto:[email protected]>. >> >> >> _______________________________________________ >> Astlinux-users mailing list >> [email protected]<mailto:[email protected]> >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to >> [email protected]<mailto:[email protected]>. > > > > _______________________________________________ > Astlinux-users mailing list > > [email protected]<mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > [email protected]<mailto:[email protected]>. > > > _______________________________________________ > Astlinux-users mailing list > > [email protected]<mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > [email protected]<mailto:[email protected]>. > > > _______________________________________________ > Astlinux-users mailing list > [email protected]<mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > [email protected]<mailto:[email protected]>. _______________________________________________ Astlinux-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected]<mailto:[email protected]>.
_______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
