[solved] systemd-networkd fails to set route on WireGuard

schard · 2019-02-09 12:41:13

Using the config with wg-quick on the client works.
Now I tried to use it via systemd-networkd as described in the Wiki.

$ cat /etc/systemd/network/99-wireguard.network 
[Match]
Name = ul1

[Network]
Address = 10.14.0.2/32

[Route]
Gateway = 10.14.0.1
Destination = 10.14.0.0/24

$ cat /etc/systemd/network/99-wireguard.netdev 
[NetDev]
Name = ul1
Kind = wireguard
Description = Wireguard

[WireGuard]
PrivateKey = <privkey>

[WireGuardPeer]
PublicKey = <pubkey>
PresharedKey = <psk>
Endpoint = myserver:51821
PersistentKeepalive = 25

Here's the failure:

-- Reboot --
Feb 09 13:28:20 weinheim systemd[1]: Starting Network Service...
Feb 09 13:28:20 weinheim systemd-networkd[474]: ul1: netdev ready
Feb 09 13:28:20 weinheim systemd-networkd[474]: Enumeration completed
Feb 09 13:28:20 weinheim systemd[1]: Started Network Service.
Feb 09 13:28:20 weinheim systemd-networkd[474]: enp1s0: Interface name change detected, enp1s0 has been renamed to eth0.
Feb 09 13:28:20 weinheim systemd-networkd[474]: eth0: Interface name change detected, eth0 has been renamed to enp1s0.
Feb 09 13:28:20 weinheim systemd-networkd[474]: ul1: Failed to resolve host 'myserver:51821': Name or service not known
Feb 09 13:28:21 weinheim systemd-networkd[474]: ul1: Gained carrier
Feb 09 13:28:21 weinheim systemd-networkd[474]: ul1: Could not set route: Network is unreachable
Feb 09 13:28:21 weinheim systemd-networkd[474]: ul1: Configured
Feb 09 13:28:23 weinheim systemd-networkd[474]: enp1s0: Gained carrier
Feb 09 13:28:25 weinheim systemd-networkd[474]: enp1s0: Gained IPv6LL
Feb 09 13:28:37 weinheim systemd-networkd[474]: enp1s0: Configured
Feb 09 13:28:37 weinheim systemd-networkd[474]: wg0: Gained carrier
Feb 09 13:28:37 weinheim systemd-networkd[474]: ul0: Gained carrier

When I add the route afterwards manually, everything works fine:

$ ip route add 10.14.0.0/24 dev ul1 scope link
$ ping -c 3 10.14.0.1
PING 10.14.0.1 (10.14.0.1) 56(84) bytes of data.
64 bytes from 10.14.0.1: icmp_seq=1 ttl=64 time=16.8 ms
64 bytes from 10.14.0.1: icmp_seq=2 ttl=64 time=16.4 ms
64 bytes from 10.14.0.1: icmp_seq=3 ttl=64 time=16.4 ms

--- 10.14.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 5ms
rtt min/avg/max/mdev = 16.372/16.525/16.828/0.238 ms

Last edited by schard (2019-02-09 13:17:56)

progandy · 2019-02-09 12:46:55

systemd-networkd is probaby trying to resolve the domain name before your normal network connects. Unsurprisingly that fails.
Edit: Sorry, I mixed up the route and the endpoint, but the error message says it requires a working connection before assigning the route as well.

Last edited by progandy (2019-02-09 12:55:28)

schard · 2019-02-09 12:55:01

So, what can I do about it aside from going back to wg-quick?
I already named the ethernet connection 10-ethernet and the wireguard connection 99-... to make systemd-network start ethernet first.
But obviously that's not enough.

Ninja'd.. Will try.

Last edited by schard (2019-02-09 12:55:36)

progandy · 2019-02-09 12:55:33

Maybe you need to set BindCarrier= on the wireguard interface? Or more likely GatewayOnlink=true.
https://jlk.fjfi.cvut.cz/arch/manpages/ … ON_OPTIONS

Last edited by progandy (2019-02-09 12:56:38)

schard · 2019-02-09 13:17:40

Yup. Using both options did the trick. Thanks.
Update:
Only GatewayOnlink=true is actually needed.
I also updated the Wiki article.

Last edited by schard (2019-02-09 17:36:57)

Arch Linux

#1 2019-02-09 12:41:13

[solved] systemd-networkd fails to set route on WireGuard

#2 2019-02-09 12:46:55

Re: [solved] systemd-networkd fails to set route on WireGuard

#3 2019-02-09 12:55:01

Re: [solved] systemd-networkd fails to set route on WireGuard

#4 2019-02-09 12:55:33

Re: [solved] systemd-networkd fails to set route on WireGuard

#5 2019-02-09 13:17:40

Re: [solved] systemd-networkd fails to set route on WireGuard

Board footer