On 18 September 2021 10:48 Geert Stappers, wrote: > On Sat, Sep 18, 2021 at 09:42:13AM +0200, Geert Stappers wrote: >> On Sat, Sep 18, 2021 at 08:51:32AM +0200, Gijs Hillenius wrote: > [...] knip >> > client >> > ,---- >> > | [Interface] >> > | Address = 10.93.15.2/24, fdab:9205:cf78:f608::2/64 >> > | PrivateKey = <snip> >> > | >> > > <knip/> >> > >> > en dan testen met ping >> > ping6 ping.xs4all.nl >> > PING ping.xs4all.nl(ping.xs4all.nl (2001:888:0:5::1)) 56 data bytes >> > ^C >> > --- ping.xs4all.nl ping statistics --- >> > 5 packets transmitted, 0 received, 100% packet loss, time 4077ms >> > > > Netwerkpakketten vanaf fdab:9205:cf78:f608::2 bereiken > misschien wel 2001:888:0:5::1, maar pakketen van 2001:888:0:5::1 > vinden niet hun weg terug naar fdab:9205:cf78:f608::2. > > [1] > > Iets om te proberen: > Onder 2a01:4f8:200:546b/64 bijvoorbeeld 2a01:4f8:200:546b:4653/80 > hangen. Aan wireguard server geef je 2a01:4f8:200:546b:4653::1 > Aan wireguard client geef je 2a01:4f8:200:546b:4653::2 [2]
Met andere woorden, je wilt dat ik dit probeer. (spoiler: het wil niet, zie onder) wg0 op de client ,---- | [Interface] | Address= 10.93.15.2/24, 2a01:4f8:200:546b:4653::2/64 | PrivateKey = <snip> | | [Peer] | PublicKey = P3GrgaFCxj6gc6CnOUPo8vxBtKaOcKa7wa8LoL1oUl0= | Endpoint = [2a01:4f8:200:546b::9e15:1]:51820 | AllowedIPs = 0.0.0.0/0, ::/0 | | PersistentKeepalive = 25 `---- wg0 op de server ,---- | [Interface] | Address = 10.93.15.1/24, 2a01:4f8:200:546b:4653::1/64 | PrivateKey = <snip> | ListenPort = 51820 | | [Peer] | PublicKey = nRwfI98C+AFDaLZuaF1i7YWrj7yQDHrQO07XvivGn2U= | AllowedIPs = 10.93.15.2/32, fdab:9205:cf78:f608::2/128 `---- Beiden aangezet, maar de client moppert meteen: server wg-quick up wg0 [#] ip link add wg0 type wireguard [#] wg setconf wg0 /dev/fd/63 [#] ip -4 address add 10.93.15.1/24 dev wg0 [#] ip -6 address add 2a01:4f8:200:546b:4653::1/64 dev wg0 [#] ip link set mtu 1420 up dev wg0 [#] ip -6 route add fdab:9205:cf78:f608::2/128 dev wg0 dan de client: wg-quick up wg0 [#] ip link add wg0 type wireguard [#] wg setconf wg0 /dev/fd/63 [#] ip -4 address add 10.93.15.2/24 dev wg0 [#] ip -6 address add 2a01:4f8:200:546b:4653::2/64 dev wg0 RTNETLINK answers: Network is unreachable [#] ip link set mtu 1420 up dev wg0 [#] wg set wg0 fwmark 51820 [#] ip -6 route add ::/0 dev wg0 table 51820 [#] ip -6 rule add not fwmark 51820 table 51820 [#] ip -6 rule add table main suppress_prefixlength 0 [#] ip6tables-restore -n [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820 [#] ip -4 rule add not fwmark 51820 table 51820 [#] ip -4 rule add table main suppress_prefixlength 0 [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1 [#] iptables-restore -n Network unreachable, maar eigenwijs toch ping6 geprobeerd: ping6 ping.xs4all.nl PING ping.xs4all.nl(ping.xs4all.nl (2001:888:0:5::1)) 56 data bytes ^C --- ping.xs4all.nl ping statistics --- 13 packets transmitted, 0 received, 100% packet loss, time 12294ms