Arch Linux

vesse

Member

Registered: 2022-11-17

Posts: 9

[solved] WireGuard connection does not resume after sleep

Hi !

Every time now, after latest kernel upgrade, restoring from suspend/hibernate cycle I have to

systemctl restart wg-quick@profile.service

After suspend internet works, ipleak.net just shows ip from my ISP.

journalctl -u systemd-networkd.service

and

journalctl -u wg-quick@profile.service

doesn't show anything new.

Has anyone else experienced something like this ?

# uname -a
Linux book 6.1.12-arch1-1 #1 SMP PREEMPT_DYNAMIC Tue, 14 Feb 2023 22:08:08 +0000 x86_64 GNU/Linux

Edit: Just tested, with 6.2.1-arch1-1 problem persists.

Last edited by vesse (2023-03-03 22:44:27)

---

---
Kernel & all systemd & xfce4

vesse

Member

Registered: 2022-11-17

Posts: 9

Re: [solved] WireGuard connection does not resume after sleep

Currently solved by downgrading systemd from 253 to 252.

---

---
Kernel & all systemd & xfce4

charles5242

Member

Registered: 2023-12-15

Posts: 1

Re: [solved] WireGuard connection does not resume after sleep

I'm also running into this exact same issue, on a system that I just installed Arch on a few days ago. Couldn't find any mentions of it happening anywhere else.

- Running "wg" shows that a handshake last occurred X seconds ago, forever increasing. Traffic is not routing through the configured wireguard routes.
- The same wireguard configuration works properly on bare metal Fedora and Pop!_OS installations.
- I am not using NetworkManager; I'm only using the default networking service that ships with Arch via the archinstaller script. (is this systemd-networkd?)

Posting here in case anyone else has seen this or has suggestions. I'll keep digging. If I find something, I'll share it.

$ uname -a
Linux arch 6.6.7-arch1-1 #1 SMP PREEMPT_DYNAMIC Thu, 14 Dec 2023 03:45:42 +0000 x86_64 GNU/Linux
$ systemctl --version
systemd 255 (255-2-arch)
$ wg version
wireguard-tools v1.0.20210914

There is a solution for this in the Arch Wiki! I did not see it initially: https://wiki.archlinux.org/title/WireGu … d-networkd

This seems like it was indeed introduced in systemd 253, and the fix is to uncomment and change the value to "no" for "ManageForeignRoutingPolicyRules" in /etc/systemd/networkd.conf. Then, just to be safe, I ran

sudo systemctl restart systemd-networkd

to restart the service, and then I tested out the fix by running

# note: this will suspend your system
sudo systemctl suspend

and verified that my wireguard tunnels do indeed stay up and running!

I am posting this because I found this article through a web search, and the fix is not to downgrade systemd, so that's why I'm posting the above information here - I hope it helps other people.