amnezia-vpn / amneziawg-linux-kernel-module

AmneziaWG Linux kernel module
https://www.wireguard.com
GNU General Public License v2.0
86 stars 19 forks source link

WG peer handshake fails disrupting the VPN connection periodically #30

Open elringus opened 1 month ago

elringus commented 1 month ago

I've installed AmneziaWG server to a self-hosted VPS (Ubuntu 22.04) via the Amnezia app and set up the client on a Keenetic KN-1810 router following the official guide (https://docs.amnezia.org/ru/documentation/instructions/keenetic-os-awg/).

It's working fine, but periodically, about once per hour, the connection drops for 0.5-1.5 minutes.

Here is the router log when that happens:

[I] 14:06:12 kernel: wireguard: Wireguard0: retrying handshake with peer "xxx" (3) (x.x.x.x:31673) because we stopped hearing back after 2169110528 seconds
[I] 14:06:17 kernel: wireguard: Wireguard0: handshake for peer "xxx" (3) (x.x.x.x:31673) did not complete after 2164852204 seconds, retrying (try 5)
[I] 14:06:22 kernel: wireguard: Wireguard0: handshake for peer "xxx" (3) (x.x.x.x:31673) did not complete after 2164852204 seconds, retrying (try 5)
[I] 14:06:33 kernel: Core::Syslog: last message repeated 2 times.
[I] 14:06:38 kernel: wireguard: Wireguard0: handshake for peer "xxx" (3) (x.x.x.x:31673) did not complete after 1 seconds, retrying (try 5)
[I] 14:06:43 kernel: wireguard: Wireguard0: retrying handshake with peer "xxx" (3) (x.x.x.x:31673) because we stopped hearing back after 2412081728 seconds
[I] 14:06:43 kernel: wireguard: Wireguard0: handshake for peer "xxx" (3) (x.x.x.x:31673) did not complete after 256 seconds, retrying (try 5)
[I] 14:06:48 kernel: wireguard: Wireguard0: handshake for peer "xxx" (3) (x.x.x.x:31673) did not complete after 2164852204 seconds, retrying (try 5)

— ignore the weird seconds values, as that seem to be a Keenetic bug, which they claim doesn't affect anything.

I've spotted a similar report (https://github.com/amnezia-vpn/amnezia-client/issues/1041), where the author found that setting an optional Listen port resolved their issue and attempted the same, but it didn't help in my case.

Can someone please suggest what else I can try to fix/debug this further?