search

yggdrasil-network / yggdrasil-go

An experiment in scalable routing as an encrypted IPv6 overlay network
https://yggdrasil-network.github.io
Other
3.48k stars 239 forks source link

yggdrasil changing its interface ipv6 every restart - how to make it static/fixed? #1132

Closed jhaar closed 3 months ago

jhaar commented 7 months ago

Hi there

I have an Internet exposed yggdrasil server, configured to only accept incoming connections from specific pubkeys (i.e. a private "VPN"). Works fine - clients with the correct config can connect and get their own yggdrasil interface with a fixed IPv6 address. But the server itself seems to change it's yggdrasil IPv6 address every time it restarts (i.e. on restarts the clients seem to keep the same IPv6, but the server does not). Here's the config - I'm sure I've just missed some step - any ideas? This is version 0.5.5

Thanks!

# yggdrasil -normaliseconf -useconffile /etc/yggdrasil.conf
{
  PrivateKey: xxx

  Peers: [
    tls://sin.yuetau.net:6643
    tls://01.scv.usa.ygg.yt:443
  ]

  InterfacePeers: {}

  #exposed on Internet via NAT, so Listen is on RFC1918 IP
  Listen: [
    tls://internal.ip:port
    tcp://127.0.0.1:635
  ]
  MulticastInterfaces: [
    {
      Regex: .*enp2s0
      Beacon: true
      Listen: true
      Port: 0
      Priority: 0
      Password: ""
    }
  ]

  AllowedPublicKeys: [
    yyyyyyyyyy
    zzzzzzzzzz
  ]

  IfName: ygg0

  IfMTU: 65535

  NodeInfoPrivacy: false

  NodeInfo: {
    network_type: private
  }
}
majestrate commented 7 months ago

~Set PrivateKeyPath in config and the ipv6 address will be generated using the private keys stored on disk in the specified file~

majestrate commented 7 months ago

nevermind i see you gave the private key already.

Ravenstine commented 6 months ago

Is it possible that your MAC address is somehow being changed every time? When running Yggdrasil within QEMU, I have to be explicit with the MAC address for the virtual network card, otherwise the IPv6 address changes every time.

jhaar commented 6 months ago

Which MAC address? The server is a physical with a static IP, so it's not changing. To confirm that I just made a note of the Ethernet MAC and restarted yggdrasil, the Ethernet MAC stayed the same, and yet the "ygg0" interface changed it's IPv6.

Hmm, unless you are referring to the ygg0 MAC address? That is "unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00" - so it's not static. But that's how TUN interfaces always work - right?

jhaar commented 3 months ago

I found the problem: I had the "PublicKey" field in my server config - but forgot to put the value in! Once I put the value in (ie the pubkey generated off my privatekey), yggdrasil stopped changing it's IPv6 address - ie became "sticky".

I suspect if I had removed the field entirely, that would also work? But having the field exist-but-empty triggered the behaviour?

Anyway, all fixed now