Re: WireGuard Mailling List

2023-07-23 Thread Wang Jian
Hi, I don't know the origin of the Wireguard logo, but it seems to be a 蛟 (Jiao, pronounced j-ee-au), not a 龙 (Long) The differences between Long (know as Chinese dragon) and Jiao is * Jiao has 2 small straight horns or no horn at all while Long has 2 bigger and forky horns * Long has beard

Re: soft lockup - may be related to wireguard (backported)

2020-05-05 Thread Wang Jian
Jason A. Donenfeld 于2020年5月5日周二 上午6:28写道: > Can you send full networking configuration in enough detail that I'll be > able to reliably reproduce this problem? If I can't reproduce it, it's > unlikely I'll be able to fix it. I will send full networking configuration to you privately. The

Re: soft lockup - may be related to wireguard (backported)

2020-05-04 Thread Wang Jian
Alex Xu (Hello71) 于2020年5月4日周一 下午9:49写道: > > Excerpts from Jason A. Donenfeld's message of May 4, 2020 1:26 am: > > Are you routing wireguard over wireguard, or something interesting like > > that? > > > > Is ipsec being used? > > > > This "DN2800MT" looks like an Atom board from 2012; are you

Re: soft lockup - may be related to wireguard (backported)

2020-05-04 Thread Wang Jian
Jason A. Donenfeld 于2020年5月4日周一 下午1:26写道: > > Are you routing wireguard over wireguard, or something interesting like that? > > Is ipsec being used? I don't think I have any fancy use cases. But wireguard over pppoe? Other details are - nftable's iptables compatible mode is used, along with

soft lockup - may be related to wireguard (backported)

2020-05-03 Thread Wang Jian
The following is kernel log of soft lockup # uname -a Linux gw 5.5.0-2-amd64 #1 SMP Debian 5.5.17-1 (2020-04-15) x86_64 GNU/Linux # cat /sys/module/wireguard/version 1.0.0 This is a linux box run debian testing. I think the wireguard is backported from 5.6. The box had a cpu usage spike during

Re: add/remove a peer

2018-03-25 Thread Wang Jian
2018-03-25 3:32 GMT+08:00 ST : > Hello, > > I'm learning WireGuard and have a question regarding adding/removing a > peer. > > Is there something like: > > 1) wg add peer ABCDEF... allowed-ips 192.168.88.0/24 endpoint > 209.202.254.14:8172 > > 2) similar for removing clients: >

The plan for road warrior access?

2017-09-09 Thread Wang Jian
Hi Jason, Wireguard is great for site to site VPN, even in current early stage. We will replace our IPSec deployment with wireguard, after the multihome issue fixed. Thanks for your outstanding work. For road warrior access, I think it's quite straghtforward to build an SSL VPN around wireguard,

Re: Multihomed server issue

2017-09-09 Thread Wang Jian
2017-09-08 5:28 GMT+08:00 Jason A. Donenfeld <ja...@zx2c4.com>: > Hey there, > > This all should be fixed and working well in the latest snapshot. Can > you test this and confirm that it behaves the way you were hoping? > Hi Jason, It works as expected now. Thanks

Re: Multihomed server issue

2017-08-12 Thread Wang Jian
2017-08-10 22:29 GMT+08:00 Jason A. Donenfeld : > Hi Wang, > > Did you have any luck reproducing this with the netns.sh script? I managed to test with dummy interface but things are not as expected. I think it's because my test case patch is not equvalent to my real setup. I was

Re: Multihomed server issue

2017-08-03 Thread Wang Jian
2017-08-03 20:59 GMT+08:00 Jason A. Donenfeld : > Hi Wang, > > I understand your inquiry and I see what you're trying to accomplish > with your use of ip rule and fwmark. However, *WireGuard already does > this automatically*. We _do_ support reply-to-sender. We _do_ > supported

Re: Multihomed server issue

2017-08-02 Thread Wang Jian
2017-08-01 19:28 GMT+08:00 Wang Jian <larkw...@gmail.com>: > 2017-08-01 11:06 GMT+08:00 Jason A. Donenfeld <ja...@zx2c4.com>: >> On Tue, Aug 1, 2017 at 4:01 AM, Wang Jian <larkw...@gmail.com> wrote: >>> 2017-07-31 23:34 GMT+08:00 Jason A. Donenfeld <ja...@zx2

Re: Multihomed server issue

2017-08-01 Thread Wang Jian
2017-08-01 11:06 GMT+08:00 Jason A. Donenfeld <ja...@zx2c4.com>: > On Tue, Aug 1, 2017 at 4:01 AM, Wang Jian <larkw...@gmail.com> wrote: >> 2017-07-31 23:34 GMT+08:00 Jason A. Donenfeld <ja...@zx2c4.com>: >>> On Fri, Jul 28, 2017 at 2:51 AM, Wang Jian <larkw

Re: Multihomed server issue

2017-07-31 Thread Wang Jian
2017-07-31 23:34 GMT+08:00 Jason A. Donenfeld <ja...@zx2c4.com>: > On Fri, Jul 28, 2017 at 2:51 AM, Wang Jian <larkw...@gmail.com> wrote: >> The solution can be one of: >> >> 1. server can RTS (response to source), or can bind to arbitary >> address for outgo

Multihomed server issue

2017-07-27 Thread Wang Jian
Hi, I have met multihome server issue with an unusual network setup. The server is multihomed, all public addresses are configured on dummyN interfaces, and routes are established by bird routing daemon, via address pairs (172.16.xx.xx/30) on public network interface. And, the default route is