Bug #11339
closed
Odd console output when WireGuard is running
Added by Marcos M almost 4 years ago.
Updated over 3 years ago.
Description
I'm not sure what triggers the output (see image attached), and I'm not completely certain that it's WireGuard to begin with. I have multiple pfSense VMs on ESXi, and the only common denominator I find when I see this output is that Wireguard is running. The text shows up on the system logs as well:
Jan 29 23:18:47 kernel calculated: e3d390f6a689613e6e8f19d3a168a868
Jan 29 23:18:47 kernel sent : 85c1f7b46486a309823acc2a341c86c7
As far as I can tell, there's no issue and it doesn't happen so often as to spam the logs. Hence this redmine entry is more-so to document the behavior.
Files
When Steve saw it, I think he had a routing loop of sorts -- the outer WireGuard traffic was attempting to go over the WireGuard tunnel, which was set as his default gateway accidentally at the time. Was that also the case for you?
That was not the case here, though I did have the gateway selection set to automatic. However, given that the WAN gateway is another pfSense firewall's LAN IP and given there were no gateway events, I don't believe the gateway ever changed to the WG interface. The only somewhat odd configuration I have is that it's a VM with only one interface (WAN).
If your gateway was set to automatic there is a high chance that wireguard took over as the default gateway. At least in my testing it's prone to doing that, which is why in all the docs I mention setting a specific gateway as default before assigning.
For completeness sake, this is confirmed to be WireGuard.
root@banshee:~/macy-freebsd-wg/sys/dev/if_wg# grep -ir printf module/crypto/zinc/chacha20poly1305.c
printf("src_len too short\n");
printf("calculated: %16D\n", b.mac, "");
printf("sent : %16D\n", src + dst_len, "");
root@banshee:~/macy-freebsd-wg/sys/dev/if_wg# grep -ir -A3 -B3 'printf("calc' module/crypto/zinc/chacha20poly1305.c
if (likely(!ret))
chacha20(&chacha20_state, dst, src, dst_len, simd_context);
else {
printf("calculated: %16D\n", b.mac, "");
printf("sent : %16D\n", src + dst_len, "");
}
memzero_explicit(&chacha20_state, sizeof(chacha20_state));
Not seeing this on the latest kmod code
- Status changed from New to Not a Bug
- Target version deleted (
Future)
Also available in: Atom
PDF