Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway - pfSense - pfSense bugtracker

Custom queries

2.4.5-p1 - Resolved/Closed
2.5.0 - Resolved/Closed
2.5.1 - Resolved/Closed
2.5.2 - Resolved/Closed
2.6.0 - Resolved/Closed
2.7.0 - Resolved/Closed
2.7.1 - All Open Issues
2.7.1 - Resolved/Closed
2.7.2 - Resolved/Closed
2.8.0 - All Open Bugs
2.8.0 - All Open Features
2.8.0 - All Open Issues
2.8.0 - All Open Regressions
2.8.0 - Feedback
2.8.0 - Needs Attention
2.8.0 - New/Confirmed
2.8.0 - Pull Requests
2.8.0 - Regressions affecting 2.7.0
2.8.0 - Resolved/Closed
21.02.2/2.5.1 - Resolved/Closed
21.05 Plus - All Closed Issues
21.05.1 Plus Target - All Closed Issues
21.05.1 Target - All Closed Issues
22.01 Plus - All Closed Issues
22.01 Target - All Closed Issues
22.05 Plus - All Closed Issues
22.05 Target - All Closed Issues
23.01 Plus - All Closed Issues
23.01 Target - All Closed Issues
23.05 Plus - All Closed Issues
23.05 Target - All Closed Issues
23.05.1 Plus - All Closed Issues
23.05.1 Target - All Closed Issues
23.09 Plus - All Closed Issues
23.09 Target - All Closed Issues
23.09.1 Plus - All Closed Issues
23.09.1 Target - All Closed Issues
24.03 Plus - All Closed Issues
24.03 Target - All Closed Issues
24.07 Plus - All Closed Issues
24.07 Plus - All Open Issues
24.07 Plus - Feedback Issues
24.07 Plus - Needs Attention/Work
24.07 Plus - New/Confirmed/In Progress Issues
24.07 Plus - Pull Request Review
24.07 Plus - Waiting on Merge
24.07 Target - All Closed Issues
24.07 Target - All Open Issues
All Open Issues assigned to Me
All Open Pull Requests
Any Target - All Open Regressions
Any Target - Feedback Issues
CE-Next - All Closed Issues (Move to specific target)
CE-Next - All Open Issues
CE-Next - Feedback (Likely needs target changed)
New Issues by Category - Future Target
New Issues by Category - No Target
New Issues by Category - No Target+Future
No Target - All Open Issues (Base Only)
No Target - New Issues (Base Only)
No Target - New Issues (Base and Packages)
Release Notes - Plus Target Version (DO NOT EDIT)
Release Notes - Target Version (DO NOT EDIT)

Actions

Copy link

Bug #15098

open

Wireguard crashes on boot if PPPoE is the default gateway

Added by Oskar Stroka 5 months ago. Updated 4 months ago.

Status:

New

Priority:

Normal

Assignee:

Christian McDonald

Category:

WireGuard

Target version:

Start date:

Due date:

% Done:

Estimated time:

Plus Target Version:

Release Notes:

Default

Affected Version:

2.7.2

Affected Architecture:

amd64

Description

This only seems to happen after a fresh boot, and only if any PPPoE connection is the default gateway.
Even the service watchdog can't bring wireguard back up.
The workaround is to go to "Status" - "Interfaces", disconnect the PPPoE line and enable it again.
After that wireguard will start without a problem.
I've only noticed this issue after moving to newer / better hardware.

History
Notes

Actions

Copy link

Updated by Oskar Stroka 5 months ago

changing a static route, even disabling and re-enabling one, allows wireguard to be enabled again

Actions

Copy link

Updated by Oskar Stroka 5 months ago

restarting the gateway service also solves it.
Edit: Also happens with an DHCP interface as default gateway

Actions

Copy link

Updated by Danilo Zrenjanin 5 months ago

I couldn't replicate this behavior on the following system:

23.09.1-RELEASE (amd64)
built on Wed Dec 20 18:27:00 UTC 2023
FreeBSD 14.0-CURRENT

The WAN interface IPv4 Configuration Type is set to PPPoE. And the system has only one PPPoE gateway.

After a graceful reboot, the PPPoE connection and Wireguard service both go up with no issues. There is probably something else in your configuration that triggers this behavior.

Dec 23 12:19:08    reboot    22988    rebooted by root
.
.
.
.
Dec 23 12:19:57    kernel        tun_wg0: link state changed to UP
.
.

Actions

Copy link

Updated by Oskar Stroka 5 months ago

checked the logs and this seems to be repeating endlessly:
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed interface group (WireGuard).
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed interface group (WireGuard).
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed Unbound ACL group (WireGuard).
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed Unbound ACL group (WireGuard).
Dec 24 09:17:01 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Applied package default settings as necessary.
Dec 24 09:17:02 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] De-installed earlyshellcmd(s).
Dec 24 09:17:02 check_reload_status 511 Syncing firewall
Dec 24 09:17:02 php_wg 89853 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Installed earlyshellcmd(s).
Dec 24 09:17:02 check_reload_status 511 Syncing firewall

but after restarting the gateway service:
Dec 24 09:17:09 check_reload_status 511 Reloading filter
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Enabled all WireGuard gateways.
Dec 24 09:17:09 check_reload_status 511 Reloading filter
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 62.55.197.9 and adding a new route through 80.146.128.16
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 142.250.184.227 and adding a new route through 192.168.8.1
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 82.149.64.17 and adding a new route through 192.168.6.1
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 217.17.34.10 and adding a new route through 10.65.234.147
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 213.209.99.163 and adding a new route through 10.66.179.102
Dec 24 09:17:09 php_wg 31908 /usr/local/pkg/wireguard/includes/wg_service.inc: Removing static route for monitor 109.199.77.76 and adding a new route through 10.65.82.101

is there anything I could do to narrow this down?

Actions

Copy link

Updated by Kris Phillips 4 months ago

Danilo Zrenjanin wrote in #note-3:

I couldn't replicate this behavior on the following system:
[...]

The WAN interface IPv4 Configuration Type is set to PPPoE. And the system has only one PPPoE gateway.

After a graceful reboot, the PPPoE connection and Wireguard service both go up with no issues. There is probably something else in your configuration that triggers this behavior.

[...]

Important to note that this was reported with 2.7.2 and you're testing on 23.09.1. While there shouldn't be any difference, we should test this on 2.7.2 to confirm.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #15098

Wireguard crashes on boot if PPPoE is the default gateway

Updated by Oskar Stroka 5 months ago

Updated by Oskar Stroka 5 months ago

Updated by Danilo Zrenjanin 5 months ago

Updated by Oskar Stroka 5 months ago

Updated by Kris Phillips 4 months ago