Gentoo Forums
MTU isn't changed for Wireguard (netifrc)
gnegus (n00b; joined: 24 Jun 2022; posts: 3)
Posted: Fri Jun 24, 2022 6:25 pm    Post subject: MTU isn't changed for Wireguard (netifrc)

Hello,

I have a non-standard MTU for the primary interface (it is ip6gre with 1448 MTU), thus I have to alter wg0's one.
I avoid wg-quick and use netifrc, so my /etc/conf.d/net looks like this:

Code:
config_wg0="192.0.2.1/24"
wireguard_wg0="/etc/wg0.conf"
mtu_wg0="1368"


But after running rc-service net.wg0 start, I get the default 1420 MTU for wg0.

Help me troubleshoot this issue, please.
Oxore (n00b; joined: 21 Jan 2024; posts: 1)
Posted: Sun Jan 21, 2024 8:01 pm

I stumbled across the same issue when I was trying to set up WireGuard over Shadowsocks. I noticed the following line in the rc-service output:
Code:
net.wg2                   |Cannot find device "wg2"

This message shows up only when I have a line like mtu_wg2="1376" in /etc/conf.d/net. It makes sense if the netifrc scripts try to set the MTU value on an interface that does not exist yet. So I tried to debug the issue in the source code.

First I found the code responsible for setting the MTU value. It is located in the iproute2 netifrc module: /lib/netifrc/net/iproute2.sh. These lines are inside the iproute2_pre_start function:
Code:
        # MTU support
        local mtu=
        eval mtu=\$mtu_${IFVAR}
        if [ -n "${mtu}" ]; then
                _ip -v link set dev "${IFACE}" mtu "${mtu}"
        fi

Then I moved these lines to the function named iproute2_post_start, right at its beginning, so now it looks like this:
Code:
iproute2_post_start()
{
        # MTU support
        local mtu=
        eval mtu=\$mtu_${IFVAR}
        if [ -n "${mtu}" ]; then
                _ip -v link set dev "${IFACE}" mtu "${mtu}"
        fi

        local _dad_timeout=

        eval _dad_timeout=\$dad_timeout_${IFVAR}
        _dad_timeout=${_dad_timeout:-${dad_timeout:-5}}
more lines follow...

After I made the changes above, I restarted my WireGuard interface and found that the MTU is applied correctly and there are no messages like "Cannot find device" anymore.

I believe that something is wrong with netifrc scripts, but I'm not sure how it should be fixed. I will probably make a local patch for netifrc out of the experiment above and call it a day.
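
An added example, not part of either post and not netifrc code: a small check that reads mtu_<iface> from a netifrc config file and compares it with what the kernel reports, so the symptom described in this thread can be detected after the interface is started. The function names and the optional sysfs directory argument are assumptions made for this example; the overhead figures assume the usual WireGuard encapsulation (outer IP header + 8 bytes UDP + 32 bytes WireGuard), which over IPv6 gives 1448 - 80 = 1368, consistent with the value in the first post.

```shell
#!/bin/sh
# Added example: compare the MTU configured in a netifrc config file with the
# MTU the kernel reports for the interface. Paths are parameters so the check
# can be pointed at constructed fixtures instead of the live system.

# WireGuard per-packet overhead: outer IP header (20 for IPv4, 40 for IPv6)
# + 8 bytes UDP + 32 bytes WireGuard data header and authentication tag.
wg_mtu() {  # usage: wg_mtu <underlay_mtu> <4|6>
    case "$2" in
        4) echo $(( $1 - 60 )) ;;
        6) echo $(( $1 - 80 )) ;;
        *) echo "wg_mtu: family must be 4 or 6" >&2; return 2 ;;
    esac
}

# Read mtu_<ifvar> from the config without sourcing (executing) the file.
# Assumption: non-alphanumeric characters in the interface name map to "_".
configured_mtu() {  # usage: configured_mtu <iface> <conf_file>
    ifvar=$(printf '%s' "$1" | sed 's/[^A-Za-z0-9]/_/g')
    sed -n "s/^[[:space:]]*mtu_${ifvar}=[\"']\{0,1\}\([0-9][0-9]*\)[\"']\{0,1\}[[:space:]]*\$/\1/p" "$2" | tail -n 1
}

# Exit codes: 0 match, 1 mismatch, 2 interface missing, 3 no mtu_ setting.
check_mtu() {  # usage: check_mtu <iface> <conf_file> [sysfs_net_dir]
    want=$(configured_mtu "$1" "$2")
    [ -n "$want" ] || { echo "$1: no mtu_ setting in $2"; return 3; }
    sys="${3:-/sys/class/net}/$1/mtu"
    [ -r "$sys" ] || { echo "$1: interface not present"; return 2; }
    have=$(cat "$sys")
    if [ "$have" = "$want" ]; then
        echo "$1: MTU $have matches configuration"
    else
        echo "$1: MTU is $have but $2 configures $want"
        return 1
    fi
}
```

On a live system, check_mtu wg0 /etc/conf.d/net after rc-service net.wg0 start returns 1 when the configured MTU was not applied.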