Hi Jason, thanks very much for your input. Yes I also realized that the NETIF_F_VIRTUAL is a Virtuozzo specific thing and almost lost hope with this.
However with your patch applied I get a failure at dkms build and lots of warnings in the log that NETIF_F_LLTX is redefined. I'm not familiar with DKMS stuff but I just wrote around this and got a working solution with: diff --git a/usr/src/wireguard-0.0.20190702/compat/compat.h b/usr/src/wireguard-0.0.20190702/compat/compat.h.patched index 239fa58..0c61ede 100644 --- a/usr/src/wireguard-0.0.20190702/compat/compat.h +++ b/usr/src/wireguard-0.0.20190702/compat/compat.h.patched @@ -844,6 +844,10 @@ static inline void skb_mark_not_on_list(struct sk_buff *skb) #define cpu_have_named_feature(name) (elf_hwcap & (HWCAP_ ## name)) #endif +#ifdef CONFIG_VE +#define NETIF_F_LLTX_VIRT (NETIF_F_LLTX | NETIF_F_VIRTUAL) +#endif + /* https://github.com/ClangBuiltLinux/linux/issues/7 */ #if defined( __clang__) && (!defined(CONFIG_CLANG_VERSION) || CONFIG_CLANG_VERSION < 80000) #include <linux/bug.h> diff --git a/usr/src/wireguard-0.0.20190702/device.c b/usr/src/wireguard-0.0.20190702/device.c.patched index d17dbf7..8bd1e8a 100644 --- a/usr/src/wireguard-0.0.20190702/device.c +++ b/usr/src/wireguard-0.0.20190702/device.c.patched @@ -281,7 +281,11 @@ static void wg_setup(struct net_device *dev) #else dev->tx_queue_len = 0; #endif +#ifdef NETIF_F_LLTX_VIRT + dev->features |= NETIF_F_LLTX_VIRT; +#else dev->features |= NETIF_F_LLTX; +#endif dev->features |= WG_NETDEV_FEATURES; dev->hw_features |= WG_NETDEV_FEATURES; dev->hw_enc_features |= WG_NETDEV_FEATURES; Adding a wireguard interface inside the container then works! I'll setup a working tunnel tomorrow and do some testing with Virtuozzo Linux but I don't expect any further complications. If this is the whole thing which is needed to support Virtuozzo Linux, may this get merged? Thanks and regards, Beni Am 17.07.19 um 23:00 schrieb Jason A. Donenfeld: > Can you let me know if a patch like this does the trick? > > diff --git a/src/compat/compat.h b/src/compat/compat.h > index 62885500..d28657cb 100644 > --- a/src/compat/compat.h > +++ b/src/compat/compat.h > @@ -844,6 +844,10 @@ static inline void skb_mark_not_on_list(struct > sk_buff *skb) > #define cpu_have_named_feature(name) (elf_hwcap & (HWCAP_ ## name)) > #endif > > +#ifdef CONFIG_VE > +#define NETIF_F_LLTX (NETIF_F_LLTX | NETIF_F_VIRTUAL) > +#endif > + > /* https://github.com/ClangBuiltLinux/linux/issues/7 */ > #if defined( __clang__) && (!defined(CONFIG_CLANG_VERSION) || > CONFIG_CLANG_VERSION < 80000) > #include <linux/bug.h> _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard