Page MenuHomeVyOS Platform
People rchrist

rchrist (Robin Christ)
User

Projects

User does not belong to any projects.

User Details

User Since
Apr 29 2024, 4:22 PM (18 w, 5 d)

Recent Activity
View All

May 1 2024

rchrist added a comment to T6281: Wireguard does not pass traffic if VRFs are used.
In T6281#185620, @c-po wrote:

You probably should get the wireguard interface running in your default VRF first and see if traffic properly passes - once that's working for oyu you can move it into a VRF. Please not only the decrypted side of the WireGuard interface will reside in the VRF. The side passing encrypted packets ALWAYS is in the default VRF (Linux Kernel)

May 1 2024, 9:28 AM · VyOS 1.5 Circinus

Apr 29 2024

rchrist added a comment to T6281: Wireguard does not pass traffic if VRFs are used.
In T6281#185394, @c-po wrote:

Please note that the Wireguard tunnel itself is sourced from the default VRF. Only the "inner side" of the tunnel runs in VRF wan.

There is no possibility to source the wireguard interface from

  • Another VRf
  • A discrete source IP
  • A discrete source interface

This can only be handled by applying fwmark values and policy based routing - this is a WireGuard design thing.

Apr 29 2024, 7:29 PM · VyOS 1.5 Circinus
rchrist added a comment to T5811: static dhcp-interface routes not installed.

Running into this issue on VyOS 1.5-rolling-202404280021

set protocols static route xxx.xxx.74.149/32 dhcp-interface eth1.999
Apr 29 2024, 5:23 PM · VyOS 1.4 Sagitta (1.4.1)
rchrist added a comment to T4214: [DHCP] static route dhcp-interface issues.
Apr 29 2024, 5:22 PM · VyOS 1.3 Equuleus (1.3.9)
rchrist created T6281: Wireguard does not pass traffic if VRFs are used.
Apr 29 2024, 4:35 PM · VyOS 1.5 Circinus