Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update routing table in more scenarios #73

Merged
merged 2 commits into from
Mar 12, 2021
Merged

Update routing table in more scenarios #73

merged 2 commits into from
Mar 12, 2021

Conversation

whiskerz007
Copy link
Contributor

Nothing was happening when a peer was disabled. This PR will make sure the peer is removed from WireGuard and the routing table is updated when a peer is disabled.

@whiskerz007 whiskerz007 changed the title Add process when peer disabled Update routing table in more scenarios Mar 6, 2021
@whiskerz007
Copy link
Contributor Author

@FossoresLP At this point, the routing table will match the state of the configuration. Currently, when the WireGuard interface is disabled, running wg show <interface> will still show the peers, still keep the running bandwidth usage, and keep track of the last handshake. Deleting the peers from the WireGuard interface would ensure wg show <interface> only shows the interface configuration and all peers will lose the running totals.

Should the peers be deleted from WireGuard when the interface is disabled in the configuration?

@whiskerz007 whiskerz007 mentioned this pull request Mar 6, 2021
Open
@FossoresLP
Copy link
Collaborator

FossoresLP commented Mar 7, 2021
edited
Loading

I'm not quite sure what would be the better approach.
I don't think freeing up the resources would make much of a difference unless you are running many WG interfaces in disabled state, which I would say is a little bit odd to do.
What about the addresses - are they available for re-use when the interface is disabled?

@whiskerz007
Copy link
Contributor Author

With the changes in this PR, when the WireGuard interface is disabled, the routes are removed. The IP address that is assigned to the interface is still configured. The script that updates the routes checks the list of allowed-ips from the output of wg show <interface>.

With the template rewrite, I tried to keep the same logic the was created before. If we need to redefine the logic, we should probably workshop some workflows to ensure the logic makes sense and the code functions as desired.

@FossoresLP
Copy link
Collaborator

I asked just out of curiosity, since this was requested before.

This PR looks good the way it is for now.

I'll merge it before the next release, but I don't think it's necessary to release it standalone since this is not a serious bug.

@whiskerz007
Copy link
Contributor Author

With the current release, if you disable the WireGuard interface, the routes are removed (by the kernel). When you reenable the interface the routes will not update. I believe this is a bug that may not have been discovered.

@FossoresLP
Copy link
Collaborator

Ok, then I suppose a new release would be warranted. I'll get this PR merged and released in the next couple of days then.

@FossoresLP FossoresLP merged commit 8c576d5 into WireGuard:master Mar 12, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@whiskerz007 @FossoresLP