Wireguard constant issues

lenovomi · April 3, 2024, 1:29pm

hi,
i have constant dropouts from wg vpn… any clue why?
I was not occurring before few weeks.

Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743):  * Set tcp_syncookies to on
Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743):  * Set tcp_window_scaling to on
Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743):  * Running script '/etc/firewall.nat6'
Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743):  * Running script '/etc/firewall.vpn_server_policy.sh'
Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743):  * Running script '/etc/firewall.swap_wan_in_conn_mark.sh'
Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743):  * Running script '/var/etc/gls2s.include'
Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743):    ! Skipping due to path error: No such file or directory
Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743):  * Running script '/usr/bin/gl_block.sh'
Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743): uci: Entry not found
Wed Apr  3 15:23:59 2024 daemon.notice netifd: Network device 'wgclient' link is down
Wed Apr  3 15:23:59 2024 daemon.notice netifd: wgclient (25743): sh: 1: unknown operand
Wed Apr  3 15:24:00 2024 daemon.notice netifd: wgclient (25743): udhcpc: started, v1.33.2
Wed Apr  3 15:24:00 2024 daemon.notice netifd: wgclient (25743): udhcpc: sending discover
Wed Apr  3 15:24:02 2024 daemon.notice netifd: Interface 'wgclient' is now down
Wed Apr  3 15:24:02 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Wed Apr  3 15:24:02 2024 user.notice firewall: Reloading firewall due to ifdown of wgclient ()
Wed Apr  3 15:24:26 2024 daemon.notice netifd: Network device 'wgclient' link is up
Wed Apr  3 15:24:26 2024 daemon.notice netifd: Interface 'wgclient' is now up
Wed Apr  3 15:24:26 2024 user.notice firewall: Reloading firewall due to ifup of wgclient (wgclient)

Thanks

lenovomi · April 3, 2024, 2:03pm

Wed Apr  3 16:02:13 2024 daemon.notice netifd: wgclient (7630):  * Set tcp_syncookies to on
Wed Apr  3 16:02:13 2024 daemon.notice netifd: wgclient (7630):  * Set tcp_window_scaling to on
Wed Apr  3 16:02:13 2024 daemon.notice netifd: wgclient (7630):  * Running script '/etc/firewall.nat6'
Wed Apr  3 16:02:13 2024 daemon.notice netifd: wgclient (7630):  * Running script '/etc/firewall.vpn_server_policy.sh'
Wed Apr  3 16:02:14 2024 daemon.notice netifd: wgclient (7630):  * Running script '/etc/firewall.swap_wan_in_conn_mark.sh'
Wed Apr  3 16:02:14 2024 daemon.notice netifd: wgclient (7630):  * Running script '/var/etc/gls2s.include'
Wed Apr  3 16:02:14 2024 daemon.notice netifd: wgclient (7630):    ! Skipping due to path error: No such file or directory
Wed Apr  3 16:02:14 2024 daemon.notice netifd: wgclient (7630):  * Running script '/usr/bin/gl_block.sh'
Wed Apr  3 16:02:14 2024 daemon.notice netifd: wgclient (7630): uci: Entry not found
Wed Apr  3 16:02:14 2024 daemon.notice netifd: Network device 'wgclient' link is down
Wed Apr  3 16:02:14 2024 daemon.notice netifd: wgclient (7630): sh: 1: unknown operand
Wed Apr  3 16:02:15 2024 daemon.notice netifd: wgclient (7630): udhcpc: started, v1.33.2
Wed Apr  3 16:02:15 2024 daemon.notice netifd: wgclient (7630): udhcpc: sending discover
Wed Apr  3 16:02:18 2024 daemon.notice netifd: Interface 'wgclient' is now down
Wed Apr  3 16:02:18 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Wed Apr  3 16:02:18 2024 user.notice firewall: Reloading firewall due to ifdown of wgclient ()
Wed Apr  3 16:02:36 2024 daemon.notice netifd: Network device 'wgclient' link is up
Wed Apr  3 16:02:36 2024 daemon.notice netifd: Interface 'wgclient' is now up
Wed Apr  3 16:02:36 2024 user.notice firewall: Reloading firewall due to ifup of wgclient (wgclient)

lenovomi · April 3, 2024, 3:35pm

Wed Apr  3 17:35:00 2024 daemon.notice netifd: wgclient (3247):    * Zone 'wan'
Wed Apr  3 17:35:00 2024 daemon.notice netifd: wgclient (3247):    * Zone 'guest'
Wed Apr  3 17:35:00 2024 daemon.notice netifd: wgclient (3247):    * Zone 'wgclient'
Wed Apr  3 17:35:00 2024 daemon.notice netifd: wgclient (3247):  * Set tcp_ecn to off
Wed Apr  3 17:35:00 2024 daemon.notice netifd: wgclient (3247):  * Set tcp_syncookies to on
Wed Apr  3 17:35:00 2024 daemon.notice netifd: wgclient (3247):  * Set tcp_window_scaling to on
Wed Apr  3 17:35:00 2024 daemon.notice netifd: wgclient (3247):  * Running script '/etc/firewall.nat6'
Wed Apr  3 17:35:01 2024 daemon.notice netifd: wgclient (3247):  * Running script '/etc/firewall.vpn_server_policy.sh'
Wed Apr  3 17:35:01 2024 daemon.notice netifd: wgclient (3247):  * Running script '/etc/firewall.swap_wan_in_conn_mark.sh'
Wed Apr  3 17:35:01 2024 daemon.notice netifd: wgclient (3247):  * Running script '/var/etc/gls2s.include'
Wed Apr  3 17:35:01 2024 daemon.notice netifd: wgclient (3247):    ! Skipping due to path error: No such file or directory
Wed Apr  3 17:35:01 2024 daemon.notice netifd: wgclient (3247):  * Running script '/usr/bin/gl_block.sh'
Wed Apr  3 17:35:01 2024 daemon.notice netifd: wgclient (3247): uci: Entry not found
Wed Apr  3 17:35:01 2024 daemon.notice netifd: Network device 'wgclient' link is down
Wed Apr  3 17:35:01 2024 daemon.notice netifd: wgclient (3247): sh: 1: unknown operand
Wed Apr  3 17:35:02 2024 daemon.notice netifd: wgclient (3247): udhcpc: started, v1.33.2
Wed Apr  3 17:35:02 2024 daemon.notice netifd: wgclient (3247): udhcpc: sending discover
Wed Apr  3 17:35:04 2024 daemon.notice netifd: Interface 'wgclient' is now down
Wed Apr  3 17:35:04 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Wed Apr  3 17:35:04 2024 user.notice firewall: Reloading firewall due to ifdown of wgclient ()

lenovomi · May 30, 2024, 9:48am

hi
any idea here?

Thu May 30 11:11:12 2024 daemon.notice netifd: Network device 'wgclient' link is up
Thu May 30 11:11:12 2024 daemon.notice netifd: Interface 'wgclient' is now up
Thu May 30 11:11:12 2024 user.notice firewall: Reloading firewall due to ifup of wgclient (wgclient)
Thu May 30 11:11:17 2024 user.notice wgclient-up: env value:T_J_V_ifname=string J_V_address_external=1 USER=root ifname=wgclient ACTION=KEYPAIR-CREATED N_J_V_address_external=address-external SHLVL=2 J_V_keep=1 HOME=/ HOTPLUG_TYPE=wireguard T_J_V_interface=string J_V_ifname=wgclient T_J_V_link_up=boolean LOGNAME=root DEVICENAME= T_J_V_action=int TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin CONFIG_LIST_STATE= J_V_interface=wgclient K_J_V= action ifname link_up address_external keep interface J_V_link_up=1 J_V_action=0 T_J_V_address_external=boolean N_J_V_link_up=link-up T_J_V_keep=boolean PWD=/ JSON_CUR=J_V CONFIG_SECTIONS=global AzireVPN Mullvad FromApp group_8167 group_1133 group_4100 group_8671 group_570 peer_7490 peer_4825 CONFIG_cfg030f15_ports=
Thu May 30 11:11:21 2024 daemon.notice procd: /etc/rc.d/S99adguardhome: Warning: Option 'wgclient'.masq6 is unknown
Thu May 30 11:11:21 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Forward 'wgclient' -> 'wan'
Thu May 30 11:11:21 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Forward 'lan' -> 'wgclient'
Thu May 30 11:11:21 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Forward 'guest' -> 'wgclient'
Thu May 30 11:11:21 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Zone 'wgclient'
Thu May 30 11:11:21 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Zone 'wgclient'
Thu May 30 11:11:21 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Zone 'wgclient'
Thu May 30 11:11:22 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Zone 'wgclient'
Thu May 30 11:11:22 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Forward 'wgclient' -> 'wan'
Thu May 30 11:11:22 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Forward 'lan' -> 'wgclient'
Thu May 30 11:11:22 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Forward 'guest' -> 'wgclient'
Thu May 30 11:11:22 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Zone 'wgclient'
Thu May 30 11:11:22 2024 daemon.notice procd: /etc/rc.d/S99adguardhome: Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_wgclient_rule'
Thu May 30 11:11:22 2024 daemon.notice procd: /etc/rc.d/S99adguardhome: Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_wgclient_rule'
Thu May 30 11:11:22 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Zone 'wgclient'
Thu May 30 11:11:22 2024 daemon.notice procd: /etc/rc.d/S99adguardhome:    * Zone 'wgclient'

admon · May 30, 2024, 9:50am

Please read How to get support quickly to provide more information.
This How to troubleshoot WireGuard might be useful as well.

lenovomi · May 30, 2024, 11:08am

@admon
i dont understand what else has to be provided.

Router is connected via Ethernet WAN to internet
there is WG client running

and i am getting constantly ping timeout / internet is not working ... while connected Client via ethernet to gli LAN ports or client via wifi to gli.

admon · May 30, 2024, 11:18am

Furthermore:

Which Wi-Fi Configuration is active?

Channel
Encryption
2.4 GHz or 5 GHz
Bandwidth

lenovomi · May 30, 2024, 12:59pm

@admon the issue is not related to the wifi ...

issue is occurring via LAN cable connection and also wifi, as its happening on both transmission connections its not important hows the wifi is configured.

lenovomi · May 30, 2024, 1:04pm

This is how its looks like from the client plugged via lan/wifi to the gli router running wg client

i have other computer plugged into the same switch from which the cable goes to the gli WAN,
the ping is Stable / no packet loss.

Also other client via another wifi router connected to the same WG server and no issues
therefore the issue MUST be related to the GLi SW or HW. I have no idea why its happening and what the cause is.

admon · May 30, 2024, 1:09pm

If they are not related to Wi-Fi you can skip this information, but please provide the other information.

lenovomi · May 30, 2024, 1:28pm

Model

GL.iNet GL-A1300

Architecture

ARMv7 Processor rev 5 (v7l)

OpenWrt Version

OpenWrt 21.02.2 r16495-bf0c965af0

Kernel Version

5.4.179

Current Firmware
Version4.5.16
Firmware Typerelease2

How is your router connected to the Internet?
by cable to WLAN

Which DNS server do you use?
DNS Server
10.0.1.1
of local Router to which is gli router connected
Do you use DHCP or static IP addresses?
Static IP for WAN

lenovomi · May 30, 2024, 3:22pm

@admon

this seems to be as a bug in WG / scripts inside gli

Log
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357):  * Set tcp_ecn to off
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357):  * Set tcp_syncookies to on
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357):  * Set tcp_window_scaling to on
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357):  * Running script '/etc/firewall.nat6'
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357):  * Running script '/etc/firewall.vpn_server_policy.sh'
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357):  * Running script '/etc/firewall.swap_wan_in_conn_mark.sh'
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357):  * Running script '/var/etc/gls2s.include'
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357):    ! Skipping due to path error: No such file or directory
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357):  * Running script '/usr/bin/gl_block.sh'
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357): Failed to parse json data: unexpected character
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357): uci: Entry not found
Thu May 30 15:56:44 2024 daemon.notice netifd: Network device 'wgclient' link is down
Thu May 30 15:56:44 2024 daemon.notice netifd: wgclient (23357): sh: 1: unknown operand
Thu May 30 15:56:45 2024 daemon.notice netifd: Interface 'wgclient' is now down
Thu May 30 15:56:45 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Thu May 30 15:56:46 2024 user.notice firewall: Reloading firewall due to ifdown of wgclient ()
Thu May 30 15:57:08 2024 daemon.notice netifd: Network device 'wgclient' link is up
Thu May 30 15:57:08 2024 daemon.notice netifd: Interface 'wgclient' is now up

admon · May 30, 2024, 3:46pm

Can you please export all logfiles and send them to me via PM?

lenovomi · May 31, 2024, 8:14am

@admon
hello,
how can i export these logs? which logs?

Thanks

admon · May 31, 2024, 8:35am

Just click "Export Log"

admon · May 31, 2024, 9:26am

I don't see any issues in the logs right now, but I will forward them to @bruce to double-check.

alzhao · May 31, 2024, 9:44am

The issue in the log is due to that there is no vpn policy configured.

So your issue is that Wireguard breaks?
It could be that network disconnect or wireguard problems.

To find out the reason:

Pls disable Wireguard to see if your network is stable. If network itself has problems we will investigate here, not wireguard.
For wireguard, if this is your own server, can you give me a config to try? In this way I can find out if it is stable in my side. If it is software bug we will be able to investigate further.

AdamK · July 13, 2024, 12:26am

You never answered what ISP. I'm wondering if you have Spectrum which is known to have issues with Wireguard. CGNAT could be the problem.