Hi
On a 1500 link I'm having to use 1280 to get ipv6 to successfully go
over a wireguard link.
I really think wireguard should be able to fragment and send via
multiply UDP packets.
wireguard works very well other than this issue, performance is
extremely good.
Mike
On 28/8/21 2:46 am, Daniel wrote:
Hi ROman
Le 27/08/2021 à 18:14, Roman Mamedov a écrit :
On Thu, 26 Aug 2021 13:14:00 +0200
Daniel <t...@tootai.net> wrote:
Correction
Le 25/08/2021 à 17:25, Daniel a écrit :
Hi list,
I setup wireguard on a server running Debian 11 and get it to work
with
2 clients (Debian 11 and Ubuntu 20.04). Clients and server are on
separate networks, one client behind a FW the other direct on
Internet,
no FW at all (VPS).
With this setup and ipv4 connection to the public IP of the server,
everything is working as expected, ipv4 as well as ipv6 are passing
smoothly.
Now I want to connect using the ipv6 address of the wg interface as
both
clients and server have ULA ipv6.
Here is GUA to read.
This fail, wg show that connection is
established but VPN is not usable. It's not a FW problem as I can
ssh to
the ipv6 address, as well as a netcat test from/to server IP -from
each
client- on an UDP port is working properly. Also,
net.ipv6.conf.all.forwarding=1 is activated in sysctl.conf
All network stuff is done in /etc/network/interfaces which call the
config file. The ipv6 address of the server is affected _to the
wireguard interface_ (in ipv4 it's another interface who take care of
the public address)
Server version is wireguard-tools v1.0.20210223.
If someone have any hint, thanks to share ;)
IPv6 requires the in-WG MTU to be 20 bytes less than when running
over IPv4.
Try reducing it accordingly.
Tried 1400, 1396 and 1392, problem stay.
Thanks for your help