From: "Ivan Labáth" <labawi-wg@matrix-dream.net>
To: Hendrik Friedel <hendrik@friedels.name>
Cc: wireguard@lists.zx2c4.com
Subject: Re: Keep-alive does not keep the connection alive
Date: Sun, 20 Oct 2019 20:25:54 +0000 [thread overview]
Message-ID: <20191020202554.GA1752@matrix-dream.net> (raw)
In-Reply-To: <emb3ce60aa-e0fe-4ef1-9955-18b08ac83546@ryzen>
On Thu, Oct 17, 2019 at 07:03:40PM +0000, Hendrik Friedel wrote:
> >>
> >> >As a workaround you could
> >> > - unconditionally periodically update the endpoint
> >> This would break existing transfers without reason.
> >
> >As I said, you could try periodically updating the endpoint, and only
> >endpoint, not restarting or changing anything except peer ip+port.
> >If updating endpoint information (to the same or valid ip+port) does break
> >connections, then I believe it is a bug that should be reported.
>
> I was not able to find commands for updating the endpoint without
> restarting the tunnel.
> Can you give me a hint?
wg set <interface> [listen-port <port>] [fwmark <mark>] [private-key <file path>] [peer <base64 public key> [remove] [preshared-key <file path>] [endpoint <ip>:<port>] [persistent-keepalive <interval seconds>] [allowed-ips <ip1>/<cidr1>[,<ip2>/<cidr2>]...] ]...
so something like:
wg set <wgiface> peer <peerpubkey> endpoint <ip>:<port>
> >If the server changes IPs and the client remains reachable on previous ip+port,
> >keepalive on server should keep your tunnel alive.
> >
> >
> >Roaming will work if the side that changes ips:
> > a) has keepalive enabled, so it will send a packet periodically
> > b) sends an unsolicited packet (e.g. requests something from the
> > other side as clients usually do but server less so)
> > c) ip is changed after a request is received and before a reply is
> > sent (could happen but unreliable)
> >
>
> I think, there is an 'or' between a, b and c?
Yes, either of those.
--
Ivan
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
prev parent reply other threads:[~2019-10-20 20:34 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-21 19:13 Keep-alive does not keep the connection alive Hendrik Friedel
[not found] ` <CANH_QeYQ7hyBG1qK9PJB9E77gggW0NYe70vv8m6Dn=fU5zHQbg@mail.gmail.com>
2019-08-25 18:44 ` Re[2]: " Hendrik Friedel
2019-08-26 18:02 ` Ivan Labáth
2019-08-28 6:06 ` Re[2]: " Hendrik Friedel
2019-08-28 6:17 ` Laszlo KERTESZ
2019-08-28 6:25 ` Re[2]: " Hendrik Friedel
2019-08-28 6:37 ` Laszlo KERTESZ
2019-08-28 6:54 ` Ivan Labáth
2019-08-28 7:43 ` Laszlo KERTESZ
2019-09-07 10:04 ` Re[2]: " Hendrik Friedel
2019-09-10 9:19 ` Ivan Labáth
2019-09-11 13:28 ` Vincent Wiemann
2019-10-17 19:03 ` Re[2]: " Hendrik Friedel
2019-10-20 20:25 ` Ivan Labáth [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191020202554.GA1752@matrix-dream.net \
--to=labawi-wg@matrix-dream.net \
--cc=hendrik@friedels.name \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.