Bug #15098
open
Wireguard crashes on boot if PPPoE is the default gateway
0%
Description
This only seems to happen after a fresh boot, and only if any PPPoE connection is the default gateway.
Even the service watchdog can't bring wireguard back up.
The workaround is to go to "Status" - "Interfaces", disconnect the PPPoE line and enable it again.
After that wireguard will start without a problem.
I've only noticed this issue after moving to newer / better hardware.
Updated by Oskar Stroka 4 months ago
changing a static route, even disabling and re-enabling one, allows wireguard to be enabled again
Updated by Oskar Stroka 4 months ago
restarting the gateway service also solves it.
Edit: Also happens with an DHCP interface as default gateway
Updated by Danilo Zrenjanin 4 months ago
I couldn't replicate this behavior on the following system:
23.09.1-RELEASE (amd64) built on Wed Dec 20 18:27:00 UTC 2023 FreeBSD 14.0-CURRENT
The WAN interface IPv4 Configuration Type is set to PPPoE. And the system has only one PPPoE gateway.
After a graceful reboot, the PPPoE connection and Wireguard service both go up with no issues. There is probably something else in your configuration that triggers this behavior.
Dec 23 12:19:08 reboot 22988 rebooted by root . . . . Dec 23 12:19:57 kernel tun_wg0: link state changed to UP . .
Updated by Oskar Stroka 4 months ago
checked the logs and this seems to be repeating endlessly:
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard).
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard).
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard).
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard).
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary.
Dec 24 09:17:02 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s).
Dec 24 09:17:02 check_reload_status 511 Syncing firewall
Dec 24 09:17:02 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s).
Dec 24 09:17:02 check_reload_status 511 Syncing firewall
but after restarting the gateway service:
Dec 24 09:17:09 check_reload_status 511 Reloading filter
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Enabled all WireGuard gateways.
Dec 24 09:17:09 check_reload_status 511 Reloading filter
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 62.55.197.9 and adding a new route through 80.146.128.16
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 142.250.184.227 and adding a new route through 192.168.8.1
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 82.149.64.17 and adding a new route through 192.168.6.1
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 217.17.34.10 and adding a new route through 10.65.234.147
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 213.209.99.163 and adding a new route through 10.66.179.102
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 109.199.77.76 and adding a new route through 10.65.82.101
is there anything I could do to narrow this down?
Updated by Kris Phillips 3 months ago
Danilo Zrenjanin wrote in #note-3:
I couldn't replicate this behavior on the following system:
[...]The WAN interface IPv4 Configuration Type is set to PPPoE. And the system has only one PPPoE gateway.
After a graceful reboot, the PPPoE connection and Wireguard service both go up with no issues. There is probably something else in your configuration that triggers this behavior.
[...]
Important to note that this was reported with 2.7.2 and you're testing on 23.09.1. While there shouldn't be any difference, we should test this on 2.7.2 to confirm.