View previous topic :: View next topic |
Author |
Message |
gnegus n00b
Joined: 24 Jun 2022 Posts: 3
|
Posted: Fri Jun 24, 2022 6:25 pm Post subject: MTU isn't changed for Wireguard (netifrc) |
|
|
Hello,
I have non-standard MTU for primary interface (it is ip6gre with 1448 MTU), thus I have to alter wg0's one.
I avoid wg-quick and use netifrc, so my /etc/conf.d/net looks like
Code: | config_wg0="192.0.2.1/24"
wireguard_wg0="/etc/wg0.conf"
mtu_wg0="1368"
|
But after running rc-service net.wg0 start, I get default 1420 MTU for wg0.
Help me troubleshoot this issue, please. |
|
Back to top |
|
|
Oxore n00b
Joined: 21 Jan 2024 Posts: 1
|
Posted: Sun Jan 21, 2024 8:01 pm Post subject: |
|
|
I stumbled across the same issue when I was trying to setup Wireguard over Shadowsocks. I noticed the following line in rc-service output:
Code: | net.wg2 |Cannot find device "wg2" |
This message shows up only when I have a line like mtu_wg2="1376" in /etc/conf.d/net. It makes sense if netifrc scripts try to set the MTU value on the interface that does not exist yet. So I tried to debug the issue in the source code.
First I found the code responsible for setting an MTU value. It is located in iproute2 netifrc module:/lib/netifrc/net/iproute2.sh. There are such lines inside iproute2_pre_start function:
Code: | # MTU support
local mtu=
eval mtu=\$mtu_${IFVAR}
if [ -n "${mtu}" ]; then
_ip -v link set dev "${IFACE}" mtu "${mtu}"
fi
|
Then I moved these lines to the function named iproute2_post_start, right at it's beginning, so now it looks like this:
Code: | iproute2_post_start()
{
# MTU support
local mtu=
eval mtu=\$mtu_${IFVAR}
if [ -n "${mtu}" ]; then
_ip -v link set dev "${IFACE}" mtu "${mtu}"
fi
local _dad_timeout=
eval _dad_timeout=\$dad_timeout_${IFVAR}
_dad_timeout=${_dad_timeout:-${dad_timeout:-5}}
| more lines follow...
After I made the changes above, I restarted my wireguard interface and found that MTU is applied correctly and there are no messages like "Cannot find device" anymore.
I believe that something is wrong with netifrc scripts, but I'm not sure how it should be fixed. I will probably make a local patch for netifrc out of the experiment above and call it a day. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|