I don't know if I'm in the right category here. If not, please tell me.
I have a question about wireguard connections. After days of reading about network configuration and OpenWRT, I have now successfully set up a wireguard connection. But after disconnecting the peer, small bytes are still sent to the peer which were not sent before the first connection. I don't think this is a connection attempt because the peer is a notebook and doesn't have a static IP. I could understand it in the other direction. Can anyone tell me if this is normal and if so why?
WireGuard peers don't notify each other on disconnection, only the latest handshake time is known.
The sites may not know that the client is disconnected and try to reach the client over the WireGuard server, then the server tries to reach the client over the tunnel passing through the router.
The router can keep NAT related connection tracking data for the WireGuard tunnel until the data expires due to inactivity.
The client may receive encrypted WireGuard packets from the server until the related connection tracking data expires on the router.
If the tunnel is built upon IPv6 or utilizes PersistentKeepalive, then it may produce even more traffic to the disconnected peer.