M1 macbook cannot use wstunnel with wireguard

Question

M1 macbook cannot use wstunnel with wireguard

fragrant1001 opened this issue 7 months ago · comments

OS: m1 mac
version: 9.3.0

log:

/opt/homebrew/etc/wireguard/wstunnel client -L 'udp://51820:localhost:51820?timeout_sec=0' wss://s.s.s:443
2024-04-29T07:10:08.737456Z INFO wstunnel::udp: Starting UDP server listening cnx on 127.0.0.1:51820 with cnx timeout of 0s
2024-04-29T07:10:08.737774Z WARN wstunnel::udp: Cannot increase UDP server recv buffer to 64 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737843Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737847Z WARN wstunnel::udp: Cannot increase UDP server recv buffer to 32 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737850Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737852Z WARN wstunnel::udp: Cannot increase UDP server recv buffer to 16 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737855Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737885Z WARN wstunnel::udp: Cannot increase UDP server recv buffer to 8 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737889Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737892Z INFO wstunnel::udp: Increased UDP server recv buffer to 4 Mib
2024-04-29T07:10:08.737895Z WARN wstunnel::udp: Cannot increase UDP server send buffer to 64 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737897Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737964Z WARN wstunnel::udp: Cannot increase UDP server send buffer to 32 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737971Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737975Z WARN wstunnel::udp: Cannot increase UDP server send buffer to 16 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737978Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737981Z WARN wstunnel::udp: Cannot increase UDP server send buffer to 8 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737984Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.738019Z INFO wstunnel::udp: Increased UDP server send buffer to 4 Mib
2024-04-29T07:10:20.658377Z INFO wstunnel::udp: New UDP connection from 127.0.0.1:53516
2024-04-29T07:10:20.660640Z INFO wstunnel::tcp: Opening TCP connection to aws.kithrt.site:443
2024-04-29T07:10:20.820715Z INFO wstunnel::tls: Doing TLS handshake using SNI DnsName("s.s.s") with the server s.s.s:443

After this command I get those mention. and I can ping myself with wireguard internal ip.

-> % ping 10.10.10.3
PING 10.10.10.3 (10.10.10.3): 56 data bytes
64 bytes from 10.10.10.3: icmp_seq=0 ttl=63 time=213.034 ms
64 bytes from 10.10.10.3: icmp_seq=1 ttl=63 time=226.275 ms
^C
--- 10.10.10.3 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss

But I can not ping 10.10.10.1

-> % ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
^C
--- 10.10.10.1 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss

But I can use wstunnel with wireguard in ubuntu 22.04 very good and stable.

root@dockerC:/wg-easy# ping 10.10.10.2
PING 10.10.10.2 (10.10.10.2) 56(84) bytes of data.
64 bytes from 10.10.10.2: icmp_seq=1 ttl=63 time=196 ms
64 bytes from 10.10.10.2: icmp_seq=2 ttl=63 time=202 ms
64 bytes from 10.10.10.2: icmp_seq=3 ttl=63 time=196 ms
^C
--- 10.10.10.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2100ms
rtt min/avg/max/mdev = 195.732/197.953/202.032/2.887 ms
root@dockerC:/wg-easy# ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1) 56(84) bytes of data.
64 bytes from 10.10.10.1: icmp_seq=1 ttl=64 time=89.5 ms
64 bytes from 10.10.10.1: icmp_seq=2 ttl=64 time=95.0 ms
64 bytes from 10.10.10.1: icmp_seq=3 ttl=64 time=113 ms
^C
--- 10.10.10.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2101ms
rtt min/avg/max/mdev = 89.521/99.303/113.439/10.238 ms

You can see this log of ping .

Erèbe - Romain Gerard · Answer 1 · Thu May 02 2024 06:01:24 GMT+0800 (China Standard Time)

Hello,
can you share your wireguard client configuration ?

I suppose you have set your Allowed ip to 0.0.0.0/0 ? If yes be sure to to have set a static route to your server or use #252 (comment) to define your Allowed ip

https://github.com/erebe/wstunnel?tab=readme-ov-file#wireguard-and-wstunnel-

fragrant1001 · Answer 2 · Sun May 05 2024 15:50:08 GMT+0800 (China Standard Time)

Hello, can you share your wireguard client configuration ?

I suppose you have set your Allowed ip to 0.0.0.0/0 ? If yes be sure to to have set a static route to your server or use #252 (comment) to define your Allowed ip

https://github.com/erebe/wstunnel?tab=readme-ov-file#wireguard-and-wstunnel-

These are my client configurations.

on m1 mac:

-> % cat wss.conf
[Interface]
PrivateKey = asasasasasasas01
Address = 10.10.10.3/24
DNS = 8.8.8.8,114.114.114.114,233.5.5.5

Table = off
PreUp = /opt/homebrew/etc/wireguard/wstunnel930 client -L 'udp://51820:localhost:51820?timeout_sec=0' wss://a.a.a:443 > /opt/homebrew/etc/wireguard/wstunnel.log 2>&1 &
PreDown = kill $(ps -ef | grep '[w]stunnel' | awk '{print $2}') 2>&1 &

[Peer]
PublicKey = asasasasasasas02
PresharedKey = asasasasasasas03
AllowedIPs = 10.10.10.0/24
PersistentKeepalive = 25
Endpoint = 127.0.0.1:51820

On Ubuntu 22.04 :

root@ubuntu:/etc/wireguard# cat wss.conf
[Interface]
PrivateKey = xxxxxxxxxx01
Address = 10.10.10.2/24
DNS = 8.8.8.8,114.114.114.114,233.5.5.5

Table = off
PreUp = /root/wg-easy/wstunnel client -L 'udp://51820:localhost:51820?timeout_sec=0' wss://s.s.s:443 >/root/wg-easy/wstunnel.log 2>&1 &

[Peer]
PublicKey = xxxxxxxxxx02
PresharedKey = xxxxxxxxxx03
AllowedIPs = 10.10.10.0/24
PersistentKeepalive = 25
Endpoint = 127.0.0.1:51820

Almost the same configuration.

But as I said before . I can ping gateway on ubuntu but with my m1 mac I can not ping the gateaway.

On m1:

-> % ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
Request timeout for icmp_seq 6
^C
--- 10.10.10.1 ping statistics ---
8 packets transmitted, 0 packets received, 100.0% packet loss

On ubuntu:

root@ubuntu:~/wg-easy# ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1) 56(84) bytes of data.
64 bytes from 10.10.10.1: icmp_seq=1 ttl=64 time=74.6 ms
64 bytes from 10.10.10.1: icmp_seq=2 ttl=64 time=74.7 ms
64 bytes from 10.10.10.1: icmp_seq=3 ttl=64 time=74.3 ms
^C
--- 10.10.10.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 74.347/74.555/74.726/0.157 ms

Anyway , thanks for your answering.