Just started playing around with WireGuard and noticed that I can not exchange tunnels - meaning I can not delete one interface and add another interface in the same commit.
Reproducable by:
set interfaces wireguard wg01 address '10.1.0.1/24' set interfaces wireguard wg01 description 'VPN-to-wg02' set interfaces wireguard wg01 peer to-wg02 allowed-ips '10.2.0.0/24' set interfaces wireguard wg01 peer to-wg02 endpoint '192.168.0.142:12345' set interfaces wireguard wg01 peer to-wg02 pubkey 'XMrlPykaxhdAAiSjhtPlvi30NVkvLQliQuKP7AI7CyI=' set interfaces wireguard wg01 port '12345' commit
vyos@vyos# delete interfaces wireguard set interfaces wireguard wg02 address '10.2.0.1/24' set interfaces wireguard wg02 description 'VPN-to-wg02' set interfaces wireguard wg02 peer to-wg02 allowed-ips '10.2.0.0/24' set interfaces wireguard wg02 peer to-wg02 endpoint '192.168.0.142:12345' set interfaces wireguard wg02 peer to-wg02 pubkey 'XMrlPykaxhdAAiSjhtPlvi30NVkvLQliQuKP7AI7CyI=' set interfaces wireguard wg02 port '12346'
vyos@vyos# show interfaces wireguard
-wireguard wg01 {
- address 10.1.0.1/24
- description VPN-to-wg02
- peer to-wg02 {
- allowed-ips 10.2.0.0/24
- endpoint 192.168.0.142:12345
- pubkey XMrlPykaxhdAAiSjhtPlvi30NVkvLQliQuKP7AI7CyI=
- }
- port 12345
-}
+wireguard wg02 {
+ address 10.2.0.1/24
+ description VPN-to-wg02
+ peer to-wg02 {
+ allowed-ips 10.2.0.0/24
+ endpoint 192.168.0.142:12345
+ pubkey XMrlPykaxhdAAiSjhtPlvi30NVkvLQliQuKP7AI7CyI=
+ }
+ port 12346
+}vyos@vyos# commit
[ interfaces wireguard wg01 ]
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/wireguard.py", line 356, in <module>
apply(c)
File "/usr/libexec/vyos/conf_mode/wireguard.py", line 169, in apply
if c['interfaces'][intf]['state'] == 'disable':
KeyError: 'state'
delete [ interfaces wireguard wg01 ] failed
[ interfaces wireguard wg02 ]
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/wireguard.py", line 356, in <module>
apply(c)
File "/usr/libexec/vyos/conf_mode/wireguard.py", line 169, in apply
if c['interfaces'][intf]['state'] == 'disable':
KeyError: 'state'
[[interfaces wireguard wg02]] failed
Commit failed