IPv6-only WireGuard does not work

Started by JamesFrisch, December 05, 2024, 11:32:38 AM

Hello everyone

My IPv4 WireGuard works flawlessly.
But so far I have neglected IPv6.


I wanted to catch up on that and created the domain test.mydomain.com, with no A record, only an AAAA record. But no matter whether I use my WAN SLAAC, my WAN DHCPv6 or my vlan_intern interface IPv6 address, I cannot get a connection.

I can ping all three IPv6 addresses.

My iPhone can open ipv6.google.com.
In the logs on the iPhone, however, I see the error no route to host.


2024-12-05 11:12:20.896866: [APP] startActivation: Entering (tunnel: home test)
2024-12-05 11:12:20.900547: [APP] startActivation: Starting tunnel
2024-12-05 11:12:20.901026: [APP] startActivation: Success
2024-12-05 11:12:20.910009: [APP] Tunnel 'home test' connection status changed to 'connecting'
2024-12-05 11:12:20.958489: [NET] App version: 1.0.16 (27)
2024-12-05 11:12:20.958606: [NET] Starting tunnel from the app
2024-12-05 11:12:21.213335: [NET] DNS64: mapped 1234:1234:1234:1234:1234:1234:1234:1234 to itself.
2024-12-05 11:12:21.214649: [NET] Attaching to interface
2024-12-05 11:12:21.215605: [NET] UAPI: Updating private key
2024-12-05 11:12:21.215800: [NET] Routine: decryption worker 3 - started
2024-12-05 11:12:21.215970: [NET] Routine: encryption worker 1 - started
2024-12-05 11:12:21.216056: [NET] Routine: decryption worker 1 - started
2024-12-05 11:12:21.216092: [NET] UAPI: Removing all peers
2024-12-05 11:12:21.216191: [NET] Routine: handshake worker 1 - started
2024-12-05 11:12:21.216351: [NET] Routine: encryption worker 2 - started
2024-12-05 11:12:21.216556: [NET] Routine: handshake worker 2 - started
2024-12-05 11:12:21.216551: [NET] peer(3Ha2...2C2Q) - UAPI: Created
2024-12-05 11:12:21.216600: [NET] Routine: encryption worker 3 - started
2024-12-05 11:12:21.216645: [NET] Routine: decryption worker 2 - started
2024-12-05 11:12:21.216718: [NET] Routine: decryption worker 4 - started
2024-12-05 11:12:21.216860: [NET] peer(3Ha2...2C2Q) - UAPI: Updating endpoint
2024-12-05 11:12:21.216914: [NET] Routine: decryption worker 5 - started
2024-12-05 11:12:21.216957: [NET] peer(3Ha2...2C2Q) - UAPI: Updating persistent keepalive interval
2024-12-05 11:12:21.216997: [NET] peer(3Ha2...2C2Q) - UAPI: Removing all allowedips
2024-12-05 11:12:21.217120: [NET] peer(3Ha2...2C2Q) - UAPI: Adding allowedip
2024-12-05 11:12:21.217150: [NET] Routine: handshake worker 4 - started
2024-12-05 11:12:21.217241: [NET] peer(3Ha2...2C2Q) - UAPI: Adding allowedip
2024-12-05 11:12:21.217268: [NET] Routine: handshake worker 3 - started
2024-12-05 11:12:21.217325: [NET] Routine: encryption worker 5 - started
2024-12-05 11:12:21.217465: [NET] Routine: encryption worker 4 - started
2024-12-05 11:12:21.217500: [NET] Routine: decryption worker 6 - started
2024-12-05 11:12:21.217628: [NET] Routine: handshake worker 5 - started
2024-12-05 11:12:21.217712: [NET] Routine: encryption worker 6 - started
2024-12-05 11:12:21.217846: [NET] UDP bind has been updated
2024-12-05 11:12:21.217861: [NET] Routine: TUN reader - started
2024-12-05 11:12:21.217912: [NET] peer(3Ha2...2C2Q) - Starting
2024-12-05 11:12:21.217963: [NET] Interface state was Down, requested Up, now Up
2024-12-05 11:12:21.218014: [NET] Routine: handshake worker 6 - started
2024-12-05 11:12:21.218040: [NET] Device started
2024-12-05 11:12:21.218156: [NET] Routine: receive incoming v4 - started
2024-12-05 11:12:21.218225: [NET] Tunnel interface is utun10
2024-12-05 11:12:21.218259: [NET] Routine: event worker - started
2024-12-05 11:12:21.218772: [NET] Network change detected with satisfied route and interface order [pdp_ip0]
2024-12-05 11:12:21.219401: [NET] DNS64: mapped 1234:1234:1234:1234:1234:1234:1234:1234 to itself.
2024-12-05 11:12:21.219514: [NET] peer(3Ha2...2C2Q) - UAPI: Updating endpoint
2024-12-05 11:12:21.219660: [NET] Network change detected with satisfied route and interface order [pdp_ip0, utun10]
2024-12-05 11:12:21.220264: [NET] DNS64: mapped 1234:1234:1234:1234:1234:1234:1234:1234 to itself.
2024-12-05 11:12:21.220440: [NET] peer(3Ha2...2C2Q) - UAPI: Updating endpoint
2024-12-05 11:12:21.220906: [APP] Tunnel 'home test' connection status changed to 'connected'
2024-12-05 11:12:21.222061: [NET] Routine: receive incoming v6 - started
2024-12-05 11:12:21.223769: [NET] peer(3Ha2...2C2Q) - Routine: sequential receiver - started
2024-12-05 11:12:21.224410: [NET] peer(3Ha2...2C2Q) - Routine: sequential sender - started
2024-12-05 11:12:21.224630: [NET] Routine: receive incoming v4 - stopped
2024-12-05 11:12:21.224773: [NET] Routine: receive incoming v6 - stopped
2024-12-05 11:12:21.225116: [NET] UDP bind has been updated
2024-12-05 11:12:21.225212: [NET] Routine: receive incoming v4 - started
2024-12-05 11:12:21.225333: [NET] Routine: receive incoming v4 - stopped
2024-12-05 11:12:21.225416: [NET] Routine: receive incoming v6 - started
2024-12-05 11:12:21.225525: [NET] Routine: receive incoming v6 - stopped
2024-12-05 11:12:21.225711: [NET] UDP bind has been updated
2024-12-05 11:12:21.225820: [NET] Routine: receive incoming v4 - started
2024-12-05 11:12:21.225912: [NET] Routine: receive incoming v6 - started
2024-12-05 11:12:21.894818: [NET] Network change detected with satisfied route and interface order [pdp_ip0, utun10]
2024-12-05 11:12:21.895783: [NET] DNS64: mapped 1234:1234:1234:1234:1234:1234:1234:1234 to itself.
2024-12-05 11:12:21.896086: [NET] peer(3Ha2...2C2Q) - UAPI: Updating endpoint
2024-12-05 11:12:21.896509: [NET] Routine: receive incoming v4 - stopped
2024-12-05 11:12:21.896703: [NET] Routine: receive incoming v6 - stopped
2024-12-05 11:12:21.897170: [NET] UDP bind has been updated
2024-12-05 11:12:21.897215: [NET] Routine: receive incoming v4 - started
2024-12-05 11:12:21.897235: [NET] Routine: receive incoming v6 - started
2024-12-05 11:12:31.426482: [NET] peer(3Ha2...2C2Q) - Sending handshake initiation
2024-12-05 11:12:31.429487: [NET] peer(3Ha2...2C2Q) - Failed to send handshake initiation: write udp6 [::]:59855->[1234:1234:1234:1234:1234:1234:1234:1234]:51820: sendto: no route to host
2024-12-05 11:12:35.588794: [APP] Status update notification timeout for tunnel 'home test'. Tunnel status is now 'connected'.
2024-12-05 11:12:36.443928: [NET] peer(3Ha2...2C2Q) - Sending handshake initiation
2024-12-05 11:12:36.445200: [NET] peer(3Ha2...2C2Q) - Failed to send handshake initiation: write udp6 [::]:59855->[1234:1234:1234:1234:1234:1234:1234:1234]:51820: sendto: no route to host
2024-12-05 11:12:36.766280: [APP] startDeactivation: Tunnel: home test
2024-12-05 11:12:36.772260: [APP] Tunnel 'home test' connection status changed to 'disconnecting'
2024-12-05 11:12:36.789176: [NET] Stopping tunnel
2024-12-05 11:12:36.789414: [NET] Device closing
2024-12-05 11:12:36.790045: [NET] Routine: TUN reader - stopped
2024-12-05 11:12:36.790244: [NET] Routine: event worker - stopped
2024-12-05 11:12:36.790401: [NET] Routine: receive incoming v4 - stopped
2024-12-05 11:12:36.790723: [NET] Routine: receive incoming v6 - stopped
2024-12-05 11:12:36.791168: [NET] peer(3Ha2...2C2Q) - Stopping
2024-12-05 11:12:36.791311: [NET] peer(3Ha2...2C2Q) - Routine: sequential receiver - stopped
2024-12-05 11:12:36.791403: [NET] peer(3Ha2...2C2Q) - Routine: sequential sender - stopped
2024-12-05 11:12:36.791554: [NET] Device closed
2024-12-05 11:12:36.791628: [NET] Routine: decryption worker 3 - stopped
2024-12-05 11:12:36.791750: [NET] Routine: decryption worker 6 - stopped
2024-12-05 11:12:36.791811: [NET] Routine: decryption worker 4 - stopped
2024-12-05 11:12:36.791992: [NET] Routine: handshake worker 1 - stopped
2024-12-05 11:12:36.792066: [NET] Routine: handshake worker 6 - stopped
2024-12-05 11:12:36.792153: [NET] Routine: handshake worker 5 - stopped
2024-12-05 11:12:36.792313: [NET] Routine: handshake worker 4 - stopped
2024-12-05 11:12:36.792353: [NET] Routine: handshake worker 2 - stopped
2024-12-05 11:12:36.794177: [NET] Routine: decryption worker 2 - stopped
2024-12-05 11:12:36.795331: [NET] Routine: decryption worker 5 - stopped
2024-12-05 11:12:36.795662: [NET] Routine: decryption worker 1 - stopped
2024-12-05 11:12:36.795836: [NET] Routine: handshake worker 3 - stopped
2024-12-05 11:12:36.795930: [NET] Routine: encryption worker 1 - stopped
2024-12-05 11:12:36.795959: [NET] Routine: encryption worker 4 - stopped
2024-12-05 11:12:36.795992: [NET] Routine: encryption worker 3 - stopped
2024-12-05 11:12:36.796051: [NET] Routine: encryption worker 2 - stopped
2024-12-05 11:12:36.796080: [NET] Routine: encryption worker 5 - stopped
2024-12-05 11:12:36.796122: [NET] Routine: encryption worker 6 - stopped
2024-12-05 11:12:36.825811: [APP] Tunnel 'home test' connection status changed to 'disconnected'



Does anyone have an idea where the problem could be?

OK, I found something out.

On the iPhone, the problem seems to lie either with Swisscom or with the iPhone app.
On a Windows laptop at work, the IPv6 tunnel works.

So I will try the iPhone app at work. If that works, Swisscom is the problem. If not, I suspect the iPhone app.


What is also strange: I created two identical tunnels on the work laptop.

Here is my config:

[Interface]
PrivateKey = 1234=
Address = 10.10.10.2/32
DNS = 10.0.51.1

[Peer]
PublicKey = 1234=
PresharedKey = 1234=
AllowedIPs = 10.0.51.0/24
Endpoint = ipv4only.mydomain.com:51820


When the endpoint is set to ipv4only.mydomain.com:51820, I can reach the OPNsense GUI.
But when the endpoint is set to ipv6only.mydomain.com:51820, I cannot reach it.

Update: The problem was the missing restart of WireGuard; now everything works.
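
Added example, not part of the original posts: the iPhone log above reports the tunnel as 'connected' even though every handshake initiation fails locally with "no route to host". The Python sketch below parses those lines and separates the app status from what actually left the device. The function names and the result layout are assumptions made for this illustration.

```python
import re
from ipaddress import ip_address

# Lines copied from the iPhone log in the first post; the endpoint address
# is the poster's own placeholder.
SAMPLE_LOG = """\
2024-12-05 11:12:21.220906: [APP] Tunnel 'home test' connection status changed to 'connected'
2024-12-05 11:12:31.426482: [NET] peer(3Ha2...2C2Q) - Sending handshake initiation
2024-12-05 11:12:31.429487: [NET] peer(3Ha2...2C2Q) - Failed to send handshake initiation: write udp6 [::]:59855->[1234:1234:1234:1234:1234:1234:1234:1234]:51820: sendto: no route to host
2024-12-05 11:12:36.443928: [NET] peer(3Ha2...2C2Q) - Sending handshake initiation
2024-12-05 11:12:36.445200: [NET] peer(3Ha2...2C2Q) - Failed to send handshake initiation: write udp6 [::]:59855->[1234:1234:1234:1234:1234:1234:1234:1234]:51820: sendto: no route to host
"""

# Matches the failure line format seen in the log above.
FAIL_RE = re.compile(
    r"peer\((?P<peer>[^)]+)\) - Failed to send handshake initiation: "
    r"write \S+ \S+->(?P<dst>\S+): (?P<err>.+)$"
)

def endpoint_family(dst):
    """Split '[addr]:port' or 'addr:port' into (IP version, port)."""
    host, _, port = dst.rpartition(":")
    return ip_address(host.strip("[]")).version, int(port)

def summarize(log_text):
    """Compare the app-level status with the handshake lines (hypothetical helper)."""
    result = {"app_connected": False, "initiations": 0, "failed_sends": []}
    for line in log_text.splitlines():
        if "connection status changed to 'connected'" in line:
            result["app_connected"] = True
        if "- Sending handshake initiation" in line:
            result["initiations"] += 1
        m = FAIL_RE.search(line)
        if m:
            family, port = endpoint_family(m["dst"])
            result["failed_sends"].append((m["peer"], family, port, m["err"]))
    # True only if at least one initiation was sent without a local send error.
    result["initiation_left_device"] = (
        result["initiations"] > len(result["failed_sends"])
    )
    return result

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

For the excerpt above the summary shows 'connected' with two initiations and two IPv6 send failures, so no handshake packet ever left the phone.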