WireGuard does not auto start after Update 22.7.8 [SOLVED]

[TomFreudenberg]

Hi,

after updating two opnsense 22.7.7 to 22.7.8 the WireGuard is not starting anymore on reboot.

Checking on console following happens:

Code Select Expand


/usr/local/etc/rc.d/wireguard start


console.

Code Select Expand


[#] ifconfig wg create name wg1
[!] Missing WireGuard kernel support (ifconfig: SIOCIFCREATE2 (wg): Invalid argument). Falling back to slow userspace implementation.
[#] wireguard-go wg1
┌──────────────────────────────────────────────────────┐
│                                                      │
│   Running wireguard-go is not required because this  │
│   kernel has first class support for WireGuard. For  │
│   information on installing the kernel module,       │
│   please visit:                                      │
│         https://www.wireguard.com/install/           │
│                                                      │
└──────────────────────────────────────────────────────┘
[#] wg setconf wg1 /dev/stdin
[#] ifconfig wg1 inet 10.254.0.1/32 alias
[#] ifconfig wg1 mtu 1420
[#] ifconfig wg1 up
[#] route -q -n add -inet 10.254.0.2/32 -interface wg1
[#] route -q -n add -inet 10.254.2.0/24 -interface wg1
[+] Backgrounding route monitor



I can click also on the START button at the dashboard and the WireGuard is running then.

Any suggestions?

[mimugmail]

Do you see any errors during bootup via console?

[TomFreudenberg]

No, no errors on console or anywhere I checked so far.

BUT

After pressing the Button on DASHBOARD the console shows:

Code Select Expand


tun0: link state changed to UP
changing name to 'wg1'


Then the tunnel is directly online and full functioning

[TomFreudenberg]

Nobody here interested or can help?

I tried a number of things - even complete reinstall but no luck ???

Does anyone have WireGuard running on 22.7.8 with autostart and re-started tunnel?

Thanks for any help or feedback.

--------------

What I can say from my site:

After installation the Interface assignment is

Name (opt1) wg1 [00:00:00:00:00:00]

After reboot the Interface assignment is

Name (opt1) vtnet0 [vtnet0 MAC address]

After manual Start of the WireGuard service (Press button start on Dashboard)

Name (opt1) wg1 [00:00:00:00:00:00]

On console you can see the message

tun0: link state changed to UP
tun0: changing name to 'wg1'

---------------------

It looks like the assignment does not survive the assignment until tun0 is renamed?

[TomFreudenberg]

When I stop and re-start WireGuard from Dashboard console always shows:

wg1: link state changed to DOWN
tun0: link state changed to UP
tun0: changing name to 'wg1'

So maybe it not the assignment ???

Stil wondering if anybody is using WireGuard site 2 site

[mimugmail]

Did you assign the WG interfaces? This is not needed on a site2site tunnel

[Julien]

We are using them no issues noted really!

[TomFreudenberg]

Yihaaa :-)

Got the issue with help from twitter friends ;-)

Problem was using a dns-name in endpoint config instead ip directly.

So when wirguard starts the Unbound->Bind chain was not ready and the service did not get the server ip.

Three solutions were suitable:

1. change name into ip
2. add some sleep time to the wireguard start
3. add the ip and name to the hosts file

I choose (1) while that's available via Web GUI

Cheers
Tom

[chemlud]

Hmmm, have you installed the Cron job for restarting stale WG tunnels? This step should be integral for every how-to (including the OPNsense documentation), when using name resolution imho....