You are not logged in.
I am using a VPN (mullvad) with systemd-networkd, iwd and wg-quick systemd service. This setup used to work fine with my thinkpad x260, but after switching to thinkpad x280 I've noticed some weird issues. After suspend my internet connection is lost until I restart the wg-quick service. This also happens with unstable internet access (mobile hotspot in the middle of the woods). Here are some outputs of systemd statuses after I suspend and wake up my machine and the internet connection is down (IP-addresses and server names obfuscated):
systemd-networkd
● systemd-networkd.service - Network Configuration
Loaded: loaded (/usr/lib/systemd/system/systemd-networkd.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2022-03-10 17:23:59 EET; 1h 52min ago
TriggeredBy: ● systemd-networkd.socket
Docs: man:systemd-networkd.service(8)
Main PID: 411 (systemd-network)
Status: "Processing requests..."
Tasks: 1 (limit: 9385)
Memory: 3.4M
CPU: 276ms
CGroup: /system.slice/systemd-networkd.service
└─411 /usr/lib/systemd/systemd-networkd
Mar 10 18:59:22 thinkpad systemd-networkd[411]: XXXXXXX: Link UP
Mar 10 18:59:22 thinkpad systemd-networkd[411]: XXXXXXX: Gained carrier
Mar 10 19:14:32 thinkpad systemd-networkd[411]: wlan0: Lost carrier
Mar 10 19:14:32 thinkpad systemd-networkd[411]: wlan0: Failed to send DHCP RELEASE, ignoring: Operation not permitted
Mar 10 19:14:32 thinkpad systemd-networkd[411]: wlan0: DHCP lease lost
Mar 10 19:14:32 thinkpad systemd-networkd[411]: wlan0: DHCPv6 lease lost
Mar 10 19:14:32 thinkpad systemd-networkd[411]: wlan0: DHCPv6 lease lost
Mar 10 19:14:33 thinkpad systemd-networkd[411]: wlan0: Connected WiFi access point: XXXXXX (46:8c:6f:7b:fa:20)
Mar 10 19:14:33 thinkpad systemd-networkd[411]: wlan0: Gained carrier
Mar 10 19:14:33 thinkpad systemd-networkd[411]: wlan0: DHCPv4 address XXX.XXX.XXX.XXX/24, gateway XXX.XXX.XXX.XXX acquired from XXX.XXX.XXX.XXXiwd
● iwd.service - Wireless service
Loaded: loaded (/usr/lib/systemd/system/iwd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2022-03-10 17:24:01 EET; 1h 54min ago
Main PID: 500 (iwd)
Tasks: 1 (limit: 9385)
Memory: 2.3M
CPU: 5.706s
CGroup: /system.slice/iwd.service
└─500 /usr/lib/iwd/iwd
Mar 10 18:07:59 thinkpad iwd[500]: Received Deauthentication event, reason: 4, from_ap: false
Mar 10 18:08:23 thinkpad iwd[500]: Received Deauthentication event, reason: 4, from_ap: false
Mar 10 18:08:24 thinkpad iwd[500]: authentication timed out
Mar 10 18:12:47 thinkpad iwd[500]: Received Deauthentication event, reason: 4, from_ap: false
Mar 10 18:17:26 thinkpad iwd[500]: Received Deauthentication event, reason: 4, from_ap: false
Mar 10 18:26:46 thinkpad iwd[500]: Received Deauthentication event, reason: 4, from_ap: false
Mar 10 18:45:26 thinkpad iwd[500]: Received Deauthentication event, reason: 4, from_ap: false
Mar 10 18:55:14 thinkpad iwd[500]: Received Deauthentication event, reason: 3, from_ap: false
Mar 10 18:59:04 thinkpad iwd[500]: Received Deauthentication event, reason: 3, from_ap: false
Mar 10 19:14:32 thinkpad iwd[500]: Received Deauthentication event, reason: 3, from_ap: falsewg-quick
● wg-quick@mullvad-XXX.service - WireGuard via wg-quick(8) for mullvad/XXX
Loaded: loaded (/usr/lib/systemd/system/wg-quick@.service; enabled; vendor preset: disabled)
Active: active (exited) since Thu 2022-03-10 18:59:22 EET; 19min ago
Docs: man:wg-quick(8)
man:wg(8)
https://www.wireguard.com/
https://www.wireguard.com/quickstart/
https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
Process: 223196 ExecStart=/usr/bin/wg-quick up mullvad-XXX (code=exited, status=0/SUCCESS)
Main PID: 223196 (code=exited, status=0/SUCCESS)
CPU: 114ms
Mar 10 18:59:22 thinkpad wg-quick[223196]: [#] ip -6 rule add not fwmark 51820 table 51820
Mar 10 18:59:22 thinkpad wg-quick[223196]: [#] ip -6 rule add table main suppress_prefixlength 0
Mar 10 18:59:22 thinkpad wg-quick[223254]: [#] ip6tables-restore -n
Mar 10 18:59:22 thinkpad wg-quick[223196]: [#] ip -4 route add 0.0.0.0/0 dev mullvad-XXX table 51820
Mar 10 18:59:22 thinkpad wg-quick[223196]: [#] ip -4 rule add not fwmark 51820 table 51820
Mar 10 18:59:22 thinkpad wg-quick[223196]: [#] ip -4 rule add table main suppress_prefixlength 0
Mar 10 18:59:22 thinkpad wg-quick[223196]: [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
Mar 10 18:59:22 thinkpad wg-quick[223266]: [#] iptables-restore -n
Mar 10 18:59:22 thinkpad wg-quick[223196]: [#] iptables -I OUTPUT ! -o mullvad-XXX -m mark ! --mark $(wg show mullvad-XXX fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o mullvad-XXX -m mark ! --mark $(wg show mullvad-XXX fwmark) -m addrtype ! >
Mar 10 18:59:22 thinkpad systemd[1]: Finished WireGuard via wg-quick(8) for mullvad/XXX.systemd-resolved
● systemd-resolved.service - Network Name Resolution
Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2022-03-10 17:24:00 EET; 1h 57min ago
Docs: man:systemd-resolved.service(8)
man:org.freedesktop.resolve1(5)
https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
Main PID: 485 (systemd-resolve)
Status: "Processing requests..."
Tasks: 1 (limit: 9385)
Memory: 6.2M
CPU: 1.330s
CGroup: /system.slice/systemd-resolved.service
└─485 /usr/lib/systemd/systemd-resolved
Mar 10 18:57:55 thinkpad systemd-resolved[485]: mullvad-XXX: Bus client set DNS server list to: XXX.XXX.XXX.XX
Mar 10 18:57:55 thinkpad systemd-resolved[485]: mullvad-XXX: Bus client set search domain list to: ~.
Mar 10 18:59:04 thinkpad systemd-resolved[485]: Clock change detected. Flushing caches.
Mar 10 18:59:22 thinkpad systemd-resolved[485]: mullvad-XXX: Bus client set DNS server list to: XXX.XXX.XXX.XX
Mar 10 18:59:22 thinkpad systemd-resolved[485]: mullvad-XXX: Bus client set search domain list to: ~.
Mar 10 18:59:24 thinkpad systemd-resolved[485]: Clock change detected. Flushing caches.
Mar 10 19:13:18 thinkpad systemd-resolved[485]: Clock change detected. Flushing caches.
Mar 10 19:14:32 thinkpad systemd-resolved[485]: Clock change detected. Flushing caches.
Mar 10 19:14:48 thinkpad systemd-resolved[485]: Failed to send hostname reply: Transport endpoint is not connected
Mar 10 19:14:48 thinkpad systemd-resolved[485]: Failed to send hostname reply: Transport endpoint is not connectedI can see that when waking the system up (at 19:14) problems seem to register at iwd and systemd-resolved services while the wg-quick doesn't register anything. How can I proceed with the troubleshoot? Thank you.
Last edited by tcftbl (2024-02-13 15:00:49)
Offline
A discussion on systemd github related to my problem that was posted after my origin post here: https://github.com/systemd/systemd/issues/26665
I'm no sure I understand the problem enough to correctly summarize it here, but in the github issue a member suggested adding
ManageForeignRoutingPolicyRules=noto /etc/systemd/networkd.conf. This fixes the problem for me as my internet connection and VPN now work after suspend. This solution has been also been added to https://wiki.archlinux.org/title/WireGu … d-networkd after my first post, but I'll risk necrobumping to also add the information here.
Offline