I want to get iperf3 to benchmark a simple wireguard setup on my LAN. I have two machines, foo is 192.168.1.228 and bar is 192.168.1.112.
These IP addresses are fully functional on their respective eth0 interfaces. Each one also has a wg0 interface configured as shown below. I can get iperf3 to work over the non-wireguard interfaces, but not over the wireguard interfaces. What am using iperf3 wrong? Did I misconfigure wg? Details: Here are the /etc/wireguard/wg0.conf files for both machines (I don't care if the public/private keys are present/this is only a test environment and it will allow others to simply copy/paste if they want to test as well): On foo: #### [Interface] Address = 10.0.9.15/24 SaveConfig = true ListenPort = 500 PrivateKey = kLac+M+JJJ+gpsKo1DeUyfuwfDwGeKMj81+M3Z3mUkw= [Peer] PublicKey = y6DrsFVIgqBMc8joSuEytCpQEywk5dPKRoeLZZC9H34= AllowedIPs = 10.0.9.16/32 #### On bar: #### [Interface] Address = 10.0.9.16/24 SaveConfig = true ListenPort = 500 FwMark = 0xca6c PrivateKey = 4EwMqSyvLaHrv5JvAAyKnmdbw9UN4rsjydkPXb5ll28= [Peer] PublicKey = SkBs9t96znOr+d60tgPlXkp7z6YABvfxD9KNVzZIP3I= AllowedIPs = 0.0.0.0/0 Endpoint = 192.168.1.228:500 #### Again, both wireguard interfaces are up and connected. For example, on foo: # wg interface: wg0 public key: SkBs9t96znOr+d60tgPlXkp7z6YABvfxD9KNVzZIP3I= private key: (hidden) listening port: 500 peer: y6DrsFVIgqBMc8joSuEytCpQEywk5dPKRoeLZZC9H34= endpoint: 192.168.1.112:500 allowed ips: 10.0.9.16/32 latest handshake: 10 minutes, 41 seconds ago transfer: 32.45 KiB received, 8.24 KiB sent If I run iperf3 in server mode on foo and in client mode on bar, it works as expected using the non-wireguard interfaces: On foo: % iperf3 -s -B 192.168.1.228 ----------------------------------------------------------- Server listening on 5201 ----------------------------------------------------------- Accepted connection from 192.168.1.112, port 58575 [ 5] local 192.168.1.228 port 5201 connected to 192.168.1.112 port 46261 [ ID] Interval Transfer Bitrate [ 5] 0.00-1.00 sec 107 MBytes 900 Mbits/sec [ 5] 1.00-2.00 sec 112 MBytes 939 Mbits/sec [ 5] 2.00-3.00 sec 112 MBytes 940 Mbits/sec [ 5] 3.00-4.00 sec 112 MBytes 938 Mbits/sec [ 5] 4.00-5.00 sec 112 MBytes 940 Mbits/sec [ 5] 4.00-5.00 sec 112 MBytes 940 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate [ 5] 0.00-5.00 sec 596 MBytes 1.00 Gbits/sec receiver iperf3: the client has terminated On bar: % iperf3 -c 192.168.1.228 -B 192.168.1.112 Connecting to host 192.168.1.228, port 5201 [ 5] local 192.168.1.112 port 46261 connected to 192.168.1.228 port 5201 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-1.00 sec 113 MBytes 950 Mbits/sec 0 281 KBytes [ 5] 1.00-2.00 sec 112 MBytes 939 Mbits/sec 0 296 KBytes [ 5] 2.00-3.00 sec 112 MBytes 938 Mbits/sec 0 296 KBytes [ 5] 3.00-4.00 sec 112 MBytes 938 Mbits/sec 0 296 KBytes [ 5] 4.00-5.00 sec 112 MBytes 944 Mbits/sec 0 308 KBytes ^C[ 5] 5.00-5.33 sec 36.7 MBytes 939 Mbits/sec 0 308 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-5.33 sec 598 MBytes 942 Mbits/sec 0 sender [ 5] 0.00-5.33 sec 0.00 Bytes 0.00 bits/sec receiver iperf3: interrupt - the client has terminated When I try using the IP addresses of the respective wireguard interfaces, I get nothing: On foo: % iperf3 -s -B 10.0.9.15 ----------------------------------------------------------- Server listening on 5201 ----------------------------------------------------------- On bar: % iperf3 -c 10.0.9.15 -B 10.0.9.16 iperf3: error - unable to connect to server: Connection timed outa _______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
