On 04/15/2018 08:49 PM, Patrick O'Sullivan wrote:
$ sudo ip route show
default via 10.199.199.1 dev wlan0
10.111.111.0/24 dev wg0 proto kernel scope link src 10.111.111.100
10.199.199.0/24 dev wlan0 proto kernel scope link src 10.199.199.131
By this route table, traffic to e.g. 126.96.36.199 should use 10.199.199.1.
Packet captures were showing traffic trying to instead use wg0. Then I
$ sudo ip route get 188.8.131.52
184.108.40.206 dev wg0 table 51820 src 10.111.111.100
Can someone please explain this behavior?
Table 51820 is the default table used by wg-quick.
From wg-quick's man page:
It infers all routes from the list of peers' allowed IPs, and automatically
adds them to the system routing table. If one of those routes is the default
route (0.0.0.0/0 or ::/0), then it uses ip-rule(8) to handle overriding of the
WireGuard mailing list
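
A small model of the lookup discussed in this thread, added here as an example and not taken from the post or from wg-quick's source: it shows why `ip route show` (main table only) and `ip route get` (full policy-rule walk) can disagree. The rule list, the contents of table 51820, and the destination 203.0.113.7 are constructed assumptions; `ip rule show` and `ip route show table 51820` on the host give the real values.

```python
import ipaddress

# Main table, copied from the `ip route show` output quoted in the thread.
MAIN = [("0.0.0.0/0", "wlan0"),
        ("10.111.111.0/24", "wg0"),
        ("10.199.199.0/24", "wlan0")]

# Assumption: table 51820 holds one default route via wg0, which is what a
# peer with AllowedIPs = 0.0.0.0/0 would produce.
TABLES = {"main": MAIN, "51820": [("0.0.0.0/0", "wg0")]}

# Assumption: policy rules in priority order, modeled on a wg-quick
# default-route setup. Compare with `ip rule show` on the real host.
RULES = [
    {"table": "main", "suppress_prefixlength": 0},
    {"table": "51820", "not_fwmark": 51820},
    {"table": "main"},
]

def longest_match(table, dst):
    """Return (network, dev) for the most specific matching route, or None."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), dev) for p, dev in table]
    hits = [(n, dev) for n, dev in nets if addr in n]
    return max(hits, key=lambda h: h[0].prefixlen, default=None)

def route_get(dst, fwmark=0):
    """Walk the rules like `ip route get`; return (dev, table) or None."""
    for rule in RULES:
        if "not_fwmark" in rule and fwmark == rule["not_fwmark"]:
            continue  # rule only applies to packets NOT carrying this mark
        hit = longest_match(TABLES[rule["table"]], dst)
        if hit is None:
            continue
        net, dev = hit
        limit = rule.get("suppress_prefixlength")
        if limit is not None and net.prefixlen <= limit:
            continue  # a default route found in main is ignored at this rule
        return dev, rule["table"]
    return None

if __name__ == "__main__":
    for dst, mark in [("203.0.113.7", 0), ("10.199.199.1", 0),
                      ("203.0.113.7", 51820)]:
        print(dst, "fwmark", mark, "->", route_get(dst, mark))
```

In this model only packets carrying the mark 51820 fall through to the main table's default route via wlan0; everything else without a more specific route in main is sent to wg0.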