Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
Wireguard kmod issue I had to overcome.
« previous
next »
Print
Pages: [
1
]
Author
Topic: Wireguard kmod issue I had to overcome. (Read 2027 times)
allebone
Sr. Member
Posts: 402
Karma: 34
Wireguard kmod issue I had to overcome.
«
on:
July 12, 2021, 02:57:25 pm »
Hi there,
I saw everyone said the wireguard kernel version was faster/better than using the wireguard go option in opnsense. I had attempted to use it and found the opposite, and it was unstable so I tried to find the cause.
As it turns out I have a pppoe connection and noticed that MTU on my pppoe interface was 1492. On wireguard interface the MTU was set to 1420 which would be acceptable on an 1500 wan interface setup.
However I found it was impossible to change the MTU on the WG interface. I set 1412 as the MTU on my wireguard interface and it rebooted the Firewall but found even after reboot the overview area showed MTU of 1420 still on the WG interface.
This was causing some timeouts on speedtest on my phone and also WG to run slow.
So I had to go to Firewall - Settings - Normalization and set a Max mss of 1412. This resolved the issues and brought wireguard back to normal.
I did not experience these issues on the WG-go implementation.
Also I dont understand why setting an MTU on the WG interface did not change the MTU after a reboot.
Lastly, while I can see the wg-go service is stopped in the gui, is there a command I can run to check which module is being used from the CLI (ie either go or kmod) in case I need to do so from the CLI easily?
Kind regards
Pete
@franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
Wireguard kmod issue I had to overcome.