yggdrasil changing its interface ipv6 every restart - how to make it static/fixed?
jhaar opened this issue · comments
Hi there
I have an Internet exposed yggdrasil server, configured to only accept incoming connections from specific pubkeys (i.e. a private "VPN"). Works fine - clients with the correct config can connect and get their own yggdrasil interface with a fixed IPv6 address. But the server itself seems to change it's yggdrasil IPv6 address every time it restarts (i.e. on restarts the clients seem to keep the same IPv6, but the server does not). Here's the config - I'm sure I've just missed some step - any ideas? This is version 0.5.5
Thanks!
# yggdrasil -normaliseconf -useconffile /etc/yggdrasil.conf
{
PrivateKey: xxx
Peers: [
tls://sin.yuetau.net:6643
tls://01.scv.usa.ygg.yt:443
]
InterfacePeers: {}
#exposed on Internet via NAT, so Listen is on RFC1918 IP
Listen: [
tls://internal.ip:port
tcp://127.0.0.1:635
]
MulticastInterfaces: [
{
Regex: .*enp2s0
Beacon: true
Listen: true
Port: 0
Priority: 0
Password: ""
}
]
AllowedPublicKeys: [
yyyyyyyyyy
zzzzzzzzzz
]
IfName: ygg0
IfMTU: 65535
NodeInfoPrivacy: false
NodeInfo: {
network_type: private
}
}
nevermind i see you gave the private key already.
Is it possible that your MAC address is somehow being changed every time? When running Yggdrasil within QEMU, I have to be explicit with the MAC address for the virtual network card, otherwise the IPv6 address changes every time.
Which MAC address? The server is a physical with a static IP, so it's not changing. To confirm that I just made a note of the Ethernet MAC and restarted yggdrasil, the Ethernet MAC stayed the same, and yet the "ygg0" interface changed it's IPv6.
Hmm, unless you are referring to the ygg0 MAC address? That is "unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00" - so it's not static. But that's how TUN interfaces always work - right?
I found the problem: I had the "PublicKey" field in my server config - but forgot to put the value in! Once I put the value in (ie the pubkey generated off my privatekey), yggdrasil stopped changing it's IPv6 address - ie became "sticky".
I suspect if I had removed the field entirely, that would also work? But having the field exist-but-empty triggered the behaviour?
Anyway, all fixed now