Wireguard k-mod interface errors

[yeraycito]

I have wireguard k-mod installed on Opnsense and I use that connection on an Android phone. The wireguard application on Android is permanently connected 24 hours a day. It works perfectly except for receiving messages via instant messaging (whasapp - signal) which arrive with a long delay. In Opnsense I had noticed that the WG interface had input errors. Wireguard, by its own operation, pauses the connection when no data is sent or received. The problem is that the connection pause is too long and prevents data from being sent or received. To avoid this Wireguard recommends setting a persistent keepalive of 25 seconds in the client configuration. This setting does not solve the problem and whasapp messages are still delayed and in Opnsense the WG interface is still giving errors. To solve this, you have to do the following:

- Opnsense: VPN - WireGuard - Endpoints - keepalive = 1

- WireGuard client: Persistent keepalive = 1

It is very important to make both settings because both wireguard in opnsense and wireguard in the client send the keepalive packets but even if you set 1 second in the configuration they actually take a bit longer to send. The way to check this is to look at how the data is sent and received and how often it is sent and received in Opnsense - vpn - wireguard - List Configuration.

With these settings, the problems with sending and receiving data in the wireguard client as well as the error data in the wg-interface in Opnsense disappear.

[yeraycito]

These problems also occur with wireguard-go. To solve them, the settings described above must be applied.

[yeraycito]

With the settings explained above there are no errors in the wg-interface but there is a high battery consumption on the smartphone. To solve the latter, the following settings are better:

- Opnsense: VPN - WireGuard - Endpoints - keepalive = 5

- WireGuard client: Default options

Any setting longer than 5 seconds in Opnsense-wireguard causes errors in the wg-interface.