Hi all,
I'm running wireguard-go in 23.1. After updating to 23.7 wireguard-go is still listed as installed, but it seems the kmod variant is used, as the issues described in this post https://forum.opnsense.org/index.php?topic=32110.msg155352#msg155352 (https://forum.opnsense.org/index.php?topic=32110.msg155352#msg155352) are reappearing. Also there is no longer a running wireguard-go process and the services only list wireguard as running.
Tried switching between both plugins as I did in 23.1, but I still cannot make the system use the go variant.
Thanks for your help!
Screenshot of plugin list please.
Cheers,
Franco
Here you go:
Additionally services and processes.
Ah, this is great. wireguard-go doesn't work because FreeBSD 13.2 has WireGuard in the kernel. -.-
I'll try to see if I can fix this for 23.7.2.
Cheers,
Franco
Thanks!
For reference:
https://github.com/WireGuard/wireguard-tools/blob/13f4ac4cb74b5a833fa7f825ba785b1e5774e84f/src/wg-quick/freebsd.bash#L117-L129
wg-quick just tries to add an interface and if it works it ignores the go implementation.
I don't see another choice but to disable the WireGuard kernel module.
Cheers,
Franco
PS: Maybe if you do this you can trick it into using go on the next reboot:
# mv /boot/kernel/if_wg.ko /root
Nice, that works!
@Mechman: I was experiencing the malfunction of the WG kernel (and go as of latest OPNsense update) [Wireguard handshakes are timing out] but I managed to keep it working by adding this in the endpoint(s)
Keepalive Interval 25
I already have keepalives active, but still packets were sent out the wrong interface. For now go works fine, I will monitor this as it is an intermittent issue.
The fix in 23.7.2 is working, wireguard-go runs fine again.
Keep up the great work, so far no other issues with 23.7!
Thanks again, Franco!
This was an unforeseen complication in the upgrade. Sorry for the trouble.
Cheers,
Franco