Hi
Le 27/08/2021 à 23:44, Roman Mamedov a écrit :
On Sat, 28 Aug 2021 07:05:45 +0930
Mike O'Connor <m...@pineview.net> wrote:
On a 1500 link I'm having to use 1280 to get ipv6 to successfully go
over a wireguard link.
Then it is not a true 1500 MTU link, something in-between drops packets at a
lower bar. Or maybe not all of them, but just UDP, for example.
But yeah, 1280 is worth trying as well, maybe Daniel has a similar issue.
As for me I am using MTU 1412 WG over IPv6 on a 1492 MTU underlying link just
fine.
After lot of few testings, I think the problem is elsewhere. Setup of
the server:
. eth0 with one public ipv4 IP and ipv6 /64
. 2 tunnels (one gre, one sit), each of them having one ipv4 and one
ipv6 /64. They take care on trafic from/to our /48 ipv6 range
. 2 tun openvpn interfaces for customers with ipv6 address from our /48
range
. wireguard interface with ipv6 address from our /48 range
Using tcpdump -i any I see the trafic coming to the gre interface and
that's all. But netstat show
udp6 0 0 :::12345 :::*
0 125391 -
and ps aux output is
dh@peech:~$ ps ax|grep wg
6969 ? I< 0:00 [wg-crypt-wig4to]
7026 ? I 0:00 [kworker/1:2-wg-kex-wig4tootai]
Question: is wireguard really listening on all ipv6 addresses ? If not,
how is the address choosen ?
[...]
Thanks for your help
--
Daniel