Applying WireGuard Peer Settings overwrites Static Routes

Started by crlt, Today at 04:36:17 AM

Modifying or adding WireGuard peers with a modified allowed IPs field causes some static routes configured in the GUI (or obtained via BGP) to disappear? I've already checked the box to disable adding routes in the WireGuard instance but that doesn't seem to change the behavior of the peer setting? Has anyone been able to get around this? It only seems to happen when modifying a peer that has a conflicting route.

I don't need WireGuard to install this route but WireGuard still needs it since the allowed IPs is also a form of authentication for WireGuard to allow traffic to pass over its own interface. Anyone have any experience or workarounds?

For example, I have a remote site 10.20.0.0/16 which is routed via BGP over a peering network that goes over the WireGuard tunnel. If I modify the peer of that WireGuard tunnel containing any overlapping subnet it will delete the routes learned via BGP or static routes... and WireGuard needs to have the allowed IP set (for example to 10.20.0.0/16) to permit traffic over the interface even though the route is not required since that's learned through BGP and the WireGuard tunnel interface is a gateway... I have to re-apply any static routes (like to the peering instance) and stop and restart FRR.
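
To confirm which routes vanish when a peer is saved, the routing table can be compared before and after the change. The following is an added example, not part of the original post: it diffs two route dumps and flags lost prefixes that overlap the peer's allowed IPs. The `netstat -rn` style input, the interface names, the gateways and all addresses other than 10.20.0.0/16 are constructed assumptions.

```python
import ipaddress

# Constructed sample data (not from the post): simplified `netstat -rn` rows
# captured before and after applying a peer change. wg0 is a hypothetical name.
BEFORE = """\
Destination        Gateway            Flags     Netif
default            192.0.2.1          UGS       igb0
10.20.0.0/16       10.255.0.2         UG1       wg0
10.20.50.0/24      10.255.0.2         UGS       wg0
10.255.0.0/30      link#9             U         wg0
192.0.2.0/24       link#1             U         igb0
"""
AFTER = """\
Destination        Gateway            Flags     Netif
default            192.0.2.1          UGS       igb0
10.255.0.0/30      link#9             U         wg0
192.0.2.0/24       link#1             U         igb0
"""
ALLOWED_IPS = ["10.20.0.0/16", "10.255.0.0/30"]  # peer's allowed IPs (constructed)


def parse_routes(text):
    """Map each parsable destination prefix to (gateway, interface)."""
    routes = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        try:
            net = ipaddress.ip_network(fields[0], strict=False)
        except ValueError:
            continue  # header row or "default"
        routes[net] = (fields[1], fields[3])
    return routes


def lost_routes(before, after, allowed_ips):
    """Return routes present before but not after, flagged if they overlap allowed IPs."""
    allowed = [ipaddress.ip_network(a, strict=False) for a in allowed_ips]
    old, new = parse_routes(before), parse_routes(after)
    missing = sorted(set(old) - set(new),
                     key=lambda n: (n.version, int(n.network_address), n.prefixlen))
    return [(str(n), old[n][0], old[n][1],
             any(n.version == a.version and n.overlaps(a) for a in allowed))
            for n in missing]


if __name__ == "__main__":
    for dest, gw, netif, overlap in lost_routes(BEFORE, AFTER, ALLOWED_IPS):
        print(f"lost {dest} via {gw} on {netif} overlaps_allowed_ips={overlap}")
```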