Wireguard and ZeroTier switched interface on Reporting-Insight

jaykumar2005 · June 22, 2022, 10:22:27 AM

I am running both Wireguard and Zerotier the Opnsense firewall ( OPNsense 22.1.8 ) , with firewall rules & Gateway for each interface. I have enabled Netflow on LAN/WAN interface capturing locally.

For some reason, Reporting --> Insight shows Wireguard traffic on Zerotier interface and Zerotier traffic on Wireguard interface. This is true for Insight Graph and Traffic tab as well.

Strangely enough, realtime traffic under Reporting --> Traffic (Graph and Top Talkers) show correct traffic for each of these interfaces.

This looks like a cosmetic issue with no affect on Firewall rules, Routing or Gateway etc.. What could be causing this?

jaykumar2005 · June 22, 2022, 08:14:22 PM

Did a packet capture of both WG0 and ZT0, don't see any source/destination mismatch.

Looks like this might be issue with Netflow tagging the interface incorrectly, any idea how to troubleshoot and fix it?

franco · June 23, 2022, 08:17:08 AM

Netflow uses interface index instead of name to represent data which can overlap interfaces created after boot for different reasons. The output is most reliable on fixed hardware interfaces.

Cheers,
Franco

jaykumar2005 · June 23, 2022, 12:30:36 PM

Sorry don't understand the inner working of Netflow, but can I manally override this index?

Any other suggestion to fix this?

franco · June 23, 2022, 12:48:50 PM

In any case you can raise a bug report here, but I'm unsure how much effort is required to fix this.

https://github.com/opnsense/core/issues/new?assignees=&labels=&template=bug_report.md&title=

Cheers,
Franco

Wireguard and ZeroTier switched interface on Reporting-Insight

jaykumar2005

June 22, 2022, 10:22:27 AM Last Edit: June 22, 2022, 10:24:38 AM by jaykumar2005

jaykumar2005

June 22, 2022, 08:14:22 PM #1

franco

June 23, 2022, 08:17:08 AM #2

jaykumar2005

June 23, 2022, 12:30:36 PM #3

franco

June 23, 2022, 12:48:50 PM #4