Thursday, August 05, 2021

Re: WireGuard host crashes roughly every week

Thanks so much Matt!

It works! I've re-enabled PersistentKeepalive overnight and mbufs are staying low.

The failed handshakes are still occurring; "ifconfig wg0 debug" filled my dmesg with hundreds of lines like:

> wg0: Handshake for peer 10 did not complete after 5 seconds, retrying (try 6)
> wg0: Sending handshake initiation to peer 10
> wg0: Zeroing out keys for peer 10

But I don't have any evidence that this is hurting anything :)

--Matt

> On Aug 4, 2021, at 5:36 AM, Matt Dunwoodie <ncon@noconroy.net> wrote:
>
> On Tue, 3 Aug 2021 13:02:15 -0500
> "Matt P." <hybrid120@gmail.com> wrote:
>
>> Hi Stuart!
>>
>> Your advice led me to discover that the issue happens only with the
>> "PersistentKeepalive = 25" option I had enabled on each wg-quick
>> peer. Looks like you could recreate it by making a few no-address
>> peers with this option enabled.
>
> Hi Matt,
>
> This insight was very helpful. It looks like mbufs are not freed if
> we're sending to a peer with no endpoint. Specifically, "wg_send" is
> expected to free the mbuf if there is an error sending. This (untested)
> patch should fix it.
>
> Cheers,
> Matt
>
> diff --git if_wg.c if_wg.c
> index 18333eda4cb..5f4319558ab 100644
> --- if_wg.c
> +++ if_wg.c
> @@ -810,6 +810,7 @@ wg_send(struct wg_softc *sc, struct wg_endpoint *e, struct mbuf *m)
> IPPROTO_IPV6);
>
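
Review bot: the one line this hunk adds to wg_send (the header goes from 6 to 7 lines at 810) is cut off in this copy, so the fix itself cannot be checked here. Since the patch is described as untested, the point to confirm is that the path following the IPPROTO_IPV6 branch, taken when the endpoint matches neither address family, frees m before returning the error, and that no caller of wg_send frees the same mbuf again after a failed send. A short comment at the top of wg_send stating that it owns m on every return path would make that contract explicit.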
