GL-MT2500 Brume 2 continually dropping WireGuard connection

I recently received my Brume2 router. I am trying to set up the WireGuard client on it, using ProtonVPN but the connection will frequently drop. I am generating the wireguard config from the ProtonVPN Downloads section. I have tried different options but the issue remains. Here is the log from the WireGuard client when it fails:

“Mon Dec 12 10:08:29 2022 daemon.notice netifd: wgclient (9063): udhcpc: started, v1.33.2
Mon Dec 12 10:08:29 2022 daemon.notice netifd: wgclient (9063): udhcpc: sending discover
Mon Dec 12 10:08:31 2022 daemon.notice netifd: wgclient (9063): udhcpc: no lease, failing
Mon Dec 12 10:08:31 2022 daemon.notice netifd: Interface ‘wgclient’ is now down
Mon Dec 12 10:08:31 2022 daemon.notice netifd: Interface ‘wgclient’ is setting up now
Mon Dec 12 10:08:33 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=KEYPAIR-CREATED SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:08:34 2022 daemon.notice netifd: Interface ‘wgclient’ is now up
Mon Dec 12 10:08:34 2022 daemon.notice netifd: Network device ‘wgclient’ link is up
Mon Dec 12 10:08:34 2022 user.notice firewall: Reloading firewall due to ifup of wgclient (wgclient)
Mon Dec 12 10:08:36 2022 user.notice wgclient-up: env value:T_J_A1_1=object T_J_V_ifname=string USER=root ifname=wgclient ACTION=KEYPAIR-CREATED SHLVL=2 J_V_keep=1 T_J_V_ipaddr=array HOME=/ T_J_T2_mask=string HOTPLUG_TYPE=wireguard T_J_V_interface=string J_A1_1=J_T2 J_V_ifname=wgclient T_J_V_link_up=boolean T_J_T2_ipaddr=string LOGNAME=root DEVICENAME= T_J_V_action=int K_J_A1= 1 J_V_ipaddr=J_A1 TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin J_T2_mask=32 CONFIG_LIST_STATE= J_V_interface=wgclient K_J_V= action ifname link_up keep ipaddr interface J_V_link_up=1 J_T2_ipaddr=10.2.0.2 J_V_action=0 N_J_V_link_up=link-up PROTO_IPADDR=10.2.0.2/32// T_J_V_keep=boolean PWD=/ JSON_CUR=J_V K_J_T2= ipaddr mask CONFIG_SECTIONS=global AzireVPN Mullvad FromApp group_4222 group_7189 group_155 group_3433 group_2751 peer_8405 peer_5651 peer_9835 CONFIG_cfg030f15_ports=
Mon Dec 12 10:08:39 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=KEYPAIR-CREATED SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:08:39 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:08:39 2022 daemon.notice netifd: Interface ‘wgclient’ has lost the connection
Mon Dec 12 10:08:39 2022 daemon.notice netifd: Network device ‘wgclient’ link is down
Mon Dec 12 10:08:39 2022 daemon.notice netifd: wgclient (11122): udhcpc: started, v1.33.2
Mon Dec 12 10:08:39 2022 daemon.notice netifd: wgclient (11122): udhcpc: sending discover
Mon Dec 12 10:08:42 2022 daemon.notice netifd: wgclient (11122): udhcpc: no lease, failing
Mon Dec 12 10:08:42 2022 daemon.notice netifd: Interface ‘wgclient’ is now down
Mon Dec 12 10:08:42 2022 daemon.notice netifd: Interface ‘wgclient’ is setting up now
Mon Dec 12 10:08:44 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=KEYPAIR-CREATED SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/”

Is there any indication this is falls on the router and not the service?

I have also noticed this as the connection attempts to reconnect but ultimately gives up and continues to loop through the reconnect:

“Mon Dec 12 10:20:01 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:06 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:12 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:17 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:23 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:28 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:33 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:38 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:43 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:49 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:54 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:20:59 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-GIVEUP SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:21:00 2022 daemon.notice netifd: Interface ‘wgclient’ is now down
Mon Dec 12 10:21:00 2022 daemon.notice netifd: Interface ‘wgclient’ is setting up now
Mon Dec 12 10:21:05 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:21:10 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:21:16 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:21:21 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:21:26 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Dec 12 10:21:32 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/”

Can you let me know is there any difference between your config and mine.

image

Thanks for replying Alzhao, I resolved the issue. TLDR; it had to do with my wireless router.

For anyone that may be experiencing a similar issue… My setup is a Google Nest Wifi → Brume 2 → ISP modem. I was trying to avoid putting the nest wifi into bridge mode as that will disable its mesh network capabilities.

When I was experiencing a WireGuard connection drop, I checked the System log and noticed a message from dnsmasq: Maximum number of concurrent DNS queries reached (max: 150). There was only a few devices on my network so having 150 concurrent connections seemed unusual. I started AdGuard Home as a way to monitor the DNS requests. After having it run for a while, I noticed the average request time was 1500 ms. I checked the query logs and noticed that every once in a while, a flood of DNS requests (40+) would take between 10s-40s to process. I took another look at my Google Nest wifi router and noticed that its DNS setting was set to Google. I changed it to use the ISP’s server (I’m guessing this just points to whatever is upstream, being the Brume2). After a reboot of the Nest wifi, I have not experienced any issues at all.

Thanks. This is nice findings. Although I have no idea how and why.