![]() ![]() The network statements under router ospf do not include the loopback interface. Inet 10.0.1.9/32 brd 255.255.255.255 scope global all_pingĩ: wlan1: mtu 1500 qdisc noqueue state UP group default qlen 1000 The loopback interface in R1 is not in the OSPF domain. Option leasetrigger '/usr/sbin/odhcpd-update'ġ: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000ĥ: br-lan: mtu 1500 qdisc noqueue state UP group default qlen 1000 Option network 'lan wwan repeater_bridge wwan6 vpn wwan' ![]() Output from cat /etc/config/network cat /etc/config/firewall cat /etc/config/dhcp ip -4 addr ip -4 ro ip -4 ru config interface 'loopback' The output of ip r seems to stay the same when it's working and when it's not: ip rĭefault via 192.168.1.1 dev wlan1 proto static src 192.168.1.228ġ0.0.1.0/24 dev all_ping proto static scope linkġ92.168.1.0/24 dev wlan1 proto kernel scope link src 192.168.1.228ġ92.168.10.0/24 dev br-lan proto kernel scope link src 192.168.10.1 So I suspect that my bridge config interacts with wireguard in a bad way somehow. If I restart the interface on O, nothing changes, it still doesn't work.īut if I restart the whole device O, then it works again, for a few minutes. ![]() You can also use ping -4 localhost or ping -6 localhost to check IPv4 or IPv6, respectively. At this point, wg still has about the same content: recent handshake, and the KiB of data sent / received keeps increasing slightly, which I find surprising given that ping no longer works. By pinging the localhost or the loopback address (127.0.0.1), you can verify that TCP/IP is functioning correctly on Joes local system. In the first terminal you should see the three pings, if it is not your fault, otherwise you should see only one. apt-get update apt-get install tcpdump tcpdump -i eth0 -n icmp. It varies, sometimes 2min, sometimes 10min. On one of them, issue as sudo the following commands. Problem is: while the tunnel works fine at the beginning (ping works from both sides, I can start an ssh connection from one side to the other), it no longer works after a few minutes. I've tried with a /32 but it didn't improve the situation. The latest handshake never goes beyond a few minutes (2 I think).Īllowed ips is /24 so that I can access other peers through S. The output of wg on O looks like: peer: SOME_PUBLIC_KEY I have configured Wireguard on O to connect to S. O also acts as an AP, bridging its own wifi network with the one from R openwrt router O, wireguard ip 10.0.1.9.globally reachable server S, wireguard ip 10.0.1.1.Otherwise the the 5.5.5.0 or 6.6.6.0 networks will never make it across to the correct router. Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/0 msĪlso - as a note - when using RIP, you will need to advertise both 5.5.5.0 and 192.168.1.0. Packet sent with a source address of 6.6.6.6 edit firewall family inet filter Protect-RE. set firewall family inet filter Protect-RE term lo0 then accept. ![]() At the end, a raspberry pi connected to F1/0/3 on ServerA. Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds: Add a new term to allow the traffic for NTP from its own loopback interface, and insert it before the NTP term described below: set firewall family inet filter Protect-RE term lo0 from source-address 192.168.0.1/32. A router (B) connected to another router (A), this router (A) connected to two core switches, both connected to a server switch. Packet sent with a source address of 5.5.5.5 Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds: Loose, Strict, Record, Timestamp, Verbose: But I am still answering the question.įill out the form & at the Extended commands choose/type Y and enter the source address OK - I know that this is over six years OLD and I know that it is probably answered 100 times elsewhere. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |