VyOS – WireGuard p2p BGP bug

After a couple of days of testing WireGuard on VyOS and using BGP for dynamic routing, it looks like I have an issue with some of the learned routes. Actually, I discovered that this is a bug in VyOS with WireGuard.

The routes are actually learned, but the neighbor is marked as inactive and the routes are not saved in the kernel routing tables.
The routes are there but not there.

Currently there is a bug open at VyOS that should be fixed in the next version (1.3).
Somebody else already discovered this as well; the bug is opened here.

Workaround? Yes.
I have to add the “disable-connected-check” option to the neighbor. Very good explanation here. Now the routes are learned in the kernel, but I don’t see the timer anymore.
This was before:

vyos@vyos-router:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route
K>* 0.0.0.0/0 [0/0] is directly connected, pppoe0, 15:37:01
C>* 10.0.0.1/32 is directly connected, pppoe0, 15:37:01
B 10.1.1.0/24 [20/0] via 10.2.1.2 inactive, 00:00:00
B 10.2.1.0/24 [20/20] via 10.2.1.11 inactive, 00:36:45
S 10.2.1.0/24 [1/0] is directly connected, wg01, 15:37:02
C>* 10.2.1.0/24 is directly connected, wg01, 15:37:02
B>* 10.2.1.2/32 [20/0] via 10.2.1.2, wg01, 00:00:00
B>* 169.254.0.0/16 [20/0] via 10.2.1.11, wg01, 00:36:45
B>* 192.168.0.0/24 [20/0] via 10.2.1.11, wg01, 00:36:45
B>* 192.168.1.0/24 [20/0] via 10.2.1.2, wg01, 00:00:00
B>* 192.168.4.0/24 [20/0] via 10.2.1.2, wg01, 00:00:00
C>* 192.168.5.0/24 is directly connected, eth1, 15:37:06
B 192.168.5.121/32 [20/0] via 10.2.1.2 inactive, 00:00:00
B>* 192.168.6.0/24 [20/0] via 10.2.1.6, wg01, 15:36:27
B>* 192.168.9.0/24 [20/20] via 10.2.1.11, wg01, 00:36:45
B>* 192.168.11.0/24 [20/0] via 10.2.1.11, wg01, 00:36:45
B 192.168.12.0/24 [20/0] via 10.2.1.2 inactive, 00:00:00
B>* 192.168.30.0/24 [20/0] via 10.2.1.11, wg01, 00:36:45
B>* 192.168.30.1/32 [20/0] via 10.2.1.2, wg01, 00:00:00
B>* 192.168.100.0/24 [20/0] via 10.2.1.11, wg01, 00:36:45
B>* 192.168.150.0/24 [20/0] via 10.2.1.2, wg01, 00:00:00
B 192.168.195.0/24 [20/20] via 10.2.1.11, wg01, 00:36:45
S 192.168.195.0/24 [1/0] is directly connected, ztyqb3p3ce, 15:37:02
C>* 192.168.195.0/24 is directly connected, ztyqb3p3ce, 15:37:13
B>* 192.168.200.0/24 [20/0] via 10.2.1.11, wg01, 00:36:45

And after:

vyos@vyos-router:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route
K>* 0.0.0.0/0 [0/0] is directly connected, pppoe0, 16:37:01
C>* 10.0.0.1/32 is directly connected, pppoe0, 16:37:01
B 10.1.1.0/24 [20/0] via 10.2.1.2 inactive, 00:00:00
B 10.2.1.0/24 [20/20] via 10.2.1.11 inactive, 01:36:45
S 10.2.1.0/24 [1/0] is directly connected, wg01, 16:37:02
C>* 10.2.1.0/24 is directly connected, wg01, 16:37:02
B>* 10.2.1.2/32 [20/0] via 10.2.1.2, wg01, 00:00:00
B>* 169.254.0.0/16 [20/0] via 10.2.1.11, wg01, 01:36:45
B>* 192.168.0.0/24 [20/0] via 10.2.1.11, wg01, 01:36:45
B>* 192.168.1.0/24 [20/0] via 10.2.1.2, wg01, 00:00:00
B>* 192.168.4.0/24 [20/0] via 10.2.1.2, wg01, 00:00:00
C>* 192.168.5.0/24 is directly connected, eth1, 16:37:06
B 192.168.5.121/32 [20/0] via 10.2.1.2 inactive, 00:00:00
B>* 192.168.6.0/24 [20/0] via 10.2.1.6, wg01, 16:36:27
B>* 192.168.9.0/24 [20/20] via 10.2.1.11, wg01, 01:36:45
B>* 192.168.11.0/24 [20/0] via 10.2.1.11, wg01, 01:36:45
B 192.168.12.0/24 [20/0] via 10.2.1.2 inactive, 00:00:00
B>* 192.168.30.0/24 [20/0] via 10.2.1.11, wg01, 01:36:45
B>* 192.168.30.1/32 [20/0] via 10.2.1.2, wg01, 00:00:00
B>* 192.168.100.0/24 [20/0] via 10.2.1.11, wg01, 01:36:45
B>* 192.168.150.0/24 [20/0] via 10.2.1.2, wg01, 00:00:00
B 192.168.195.0/24 [20/20] via 10.2.1.11, wg01, 01:36:45
S 192.168.195.0/24 [1/0] is directly connected, ztyqb3p3ce, 16:37:02
C>* 192.168.195.0/24 is directly connected, ztyqb3p3ce, 16:37:13
B>* 192.168.200.0/24 [20/0] via 10.2.1.11, wg01, 01:36:45
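
One way to audit a "show ip route" capture for the symptom described above, as an added example that is not part of the original post: it lists BGP routes that are not in the FIB and separates prefixes with no installed route at all from prefixes that already have another installed route. The sample input is constructed from a subset of the output above, and the function names are hypothetical.

```python
import re

# Constructed sample: a subset of the "show ip route" lines from the post.
SAMPLE = """\
Codes: K - kernel route, C - connected, S - static, R - RIP,
> - selected route, * - FIB route
K>* 0.0.0.0/0 [0/0] is directly connected, pppoe0, 15:37:01
B 10.1.1.0/24 [20/0] via 10.2.1.2 inactive, 00:00:00
B 10.2.1.0/24 [20/20] via 10.2.1.11 inactive, 00:36:45
S 10.2.1.0/24 [1/0] is directly connected, wg01, 15:37:02
C>* 10.2.1.0/24 is directly connected, wg01, 15:37:02
B>* 192.168.1.0/24 [20/0] via 10.2.1.2, wg01, 00:00:00
B 192.168.12.0/24 [20/0] via 10.2.1.2 inactive, 00:00:00
B 192.168.195.0/24 [20/20] via 10.2.1.11, wg01, 00:36:45
C>* 192.168.195.0/24 is directly connected, ztyqb3p3ce, 15:37:13
"""

# Code letter, optional '>' (selected) and '*' (FIB), then an IPv4 prefix.
ROUTE = re.compile(r"^([A-Za-z])\s*(>?)(\*?)\s+(\d+(?:\.\d+){3}/\d+)\s+(.*)$")

def parse_routes(text):
    """Yield (code, selected, in_fib, prefix, rest) for each route line."""
    for line in text.splitlines():
        m = ROUTE.match(line.strip())
        if m:
            code, sel, fib, prefix, rest = m.groups()
            yield code, bool(sel), bool(fib), prefix, rest

def audit_bgp(text):
    """Classify BGP routes that are not installed in the FIB.

    'missing'  -> no route for that exact prefix is in the FIB
                  (the symptom described in the post)
    'shadowed' -> another route for the same prefix is installed
    """
    routes = list(parse_routes(text))
    installed = {prefix for _, _, fib, prefix, _ in routes if fib}
    report = {"missing": [], "shadowed": []}
    for code, _, fib, prefix, rest in routes:
        if code != "B" or fib:
            continue
        bucket = "shadowed" if prefix in installed else "missing"
        report[bucket].append((prefix, "inactive" in rest))
    return report

if __name__ == "__main__":
    for bucket, entries in audit_bgp(SAMPLE).items():
        for prefix, inactive in entries:
            print(f"{bucket:9} {prefix:18} nexthop_inactive={inactive}")
```

Only the "missing" entries have no kernel route for their prefix; the "shadowed" ones lose to an installed connected route and are expected to stay out of the FIB regardless of the workaround.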
