| Unknown Object (User) | |
| Oct 9 2018, 7:15 PM |
The validation logic in interfaces wireguard wgX address x.x.x.x is broken for /31 networks where it doesn't accept the "broadcast address", which is valid in this case.
# set interfaces wireguard wg0 address 172.16.0.4/31 Invalid value Value validation failed Set failed
This is still not added to rc3 and rc4 same error
[edit]
fma@pe2# set interfaces wireguard wg0 address 10.0.90.1/24
[edit]
fma@pe2# set interfaces wireguard wg0 peer skywall pubkey '*********************************='
[edit]
fma@pe2# set interfaces wireguard wg0 peer skywall endpoint 85.*.*.*:12345
[edit]
fma@pe2# set interfaces wireguard wg0 peer skywall persistent-keepalive 1500
[edit]
fma@pe2# set interfaces wireguard wg0 peer skywall allowed-ips 10.0.0.0/8
[edit]
fma@pe2# comp
[edit interfaces]
+wireguard wg0 {
+ address 10.0.90.1/24
+ peer skywall {
+ allowed-ips 10.0.0.0/8
+ endpoint 85.*.*.*:12345
+ persistent-keepalive 1500
+ pubkey *********************************=
+ }
+}
[edit]
fma@pe2# commit
[ interfaces wireguard wg0 ]
Can't set IP 10.0.90.1/24 on wg0
[[interfaces wireguard wg0]] failed
Commit failed
[edit]
fma@pe2# run show ver
Version: VyOS 1.2.0-rc4
Built by: [email protected]
Built on: Thu 25 Oct 2018 12:11 UTC
Build ID: fc6f1379-a062-4381-b9fe-30ba45ee22bd
Architecture: x86_64
Boot via: installed image
System type: KVM guest
Hardware vendor: QEMU
Hardware model: Standard PC (i440FX + PIIX, 1996)
Hardware S/N: Unknown
Hardware UUID: Unknown
Copyright: VyOS maintainers and contributors
[edit]I'll remove the ip-host validator from the wireguard tree, it causes a few issues if the network name is picked as address. e.g. 10.1.1.2/31
Thanks hagbard!
I was litterally pulling my hair out over the error cause i have seen wireguard work in all its glory.
If i want to apply the patch on my own are there any resources i should use or is it simply a dpkg install ?