Wireguard MTU issues after reboot

Started by rbe, July 17, 2023, 10:22:00 PM

Hi all,

I have a fairly simple wireguard setup between my opnsense at home and a VPS in a datacenter. Wireguard is configured with an MTU of 1380 on both, the wireguard config (both ends) and on my wg0 interface on my opnsense.
This works flawlessly until I reboot. After that, the tunnel comes back up properly but it looks like the MTU isn't being set properly in the interface.
When I head to the wg0 interface on the opnsense and click apply once without doing any changes, the tunnel instantly works and transfers data.

I do think that this is related to the MTU as http works partially after reboot (before re-applying the interfaces settings) but https doesn't at all, this is the same which I observed before I put the MTU down to 1380 (behind a PPPoE IPv6 line).

Does anyone have insights into what might be going wrong here?

Thanks,
Robin

Sorry to bump..
Does anyone have an idea?

I just had the same behavior after a reboot again. Checking ifconfig, I see that the MTU of 1380 is applied and I can reach the other end of the tunnel, however anything TLS-based doesn't go through until I click apply in the interface UI again.


root@fw01:~ # ifconfig wg1
wg1: flags=80c1<UP,RUNNING,NOARP,MULTICAST> metric 0 mtu 1380
        options=80000<LINKSTATE>
        inet 10.0.0.2 netmask 0xffffff00
        groups: wg wireguard
        nd6 options=103<PERFORMNUD,ACCEPT_RTADV,NO_DAD>

Interfaces > LAN - set the MSS to a suitably low value.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)