Wireguard Tunnel over ipv6

sampsonf · December 13, 2019, 7:27am

My Linux and OpenWRT both have dual ipv4 & ipv6 address assigned by my ISP via DHCP.

The tunnel itself is working fine when the Wireguard tunnel is formed over IPv4. I can see handshake packets exchanging, and ping remote wg interface IP works.

Now, I when switch the tunnel over to IPv6, by side effect after I added the IPv6 AAAA records to my DDNS provider.

I can see both Linux and OpenWRT are trying to form the tunnel over IPv6 address. But there is no handshake packets exchanged. (Send is increasing, Received is always zero at both ends.)

What I need to do to allow the tunnel forming over IPv6 addresses?

Cross checked: ssh between them works over IPv6 .

mikma · December 13, 2019, 8:11am

It's a good idea to use tcpdump to verify that the packets are sent out via the correct interface and check if you receive any incoming packets. Also check the host route inserted by openwrt to the peer endpoint. It might be wrong under some conditions.

trendy · December 13, 2019, 10:46am

Also check that firewall is allowing the flow. ip6tables

Flosch_93 · June 15, 2020, 1:31pm

Hi,

sorry that I get this old post out again.
I'm still quite a noob at OpenWrt.

I have exactly the same problem as described here. What was the solution?

greetings

sampsonf · June 30, 2020, 1:35pm

Test with IPv6 Address instead of Hostname (Just in case the same name can resolve to both IPv4/IPv6 address.)
Make sure FireWall is working correctly
Try "initiate" the connection from both ends one by one if possible. Make sure it works from both directions.
Reboot OpenWRT

For some change, even restart of services is not enough. Must reboot.

Good luck! Hope it helps!