[Bug 1811149] Re: 23 wireguard peers hang systemd-networkd

Joshua Sjoding 1811149 at bugs.launchpad.net
Thu Dec 5 06:49:44 UTC 2019 

As near as I can tell the fix for this was never backported from systemd
v241 to bionic. I recently filed a related a bug report here:

https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1853956

My symptoms are a little different (misconfiguration instead of an
infinite loop), but I have a strong suspicion that the underlying cause
is the same.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1811149

Title:
  23 wireguard peers hang systemd-networkd

Status in systemd:
  Fix Released
Status in systemd package in Ubuntu:
  New

Bug description:
  I'm running Ubuntu 18.04.1 LTS with systemd=237-3ubuntu10.9.
  Linux kernel version is 4.15.0-32-generic #35-Ubuntu SMP.
  wireguard=0.0.20181218-wg1~bionic from PPA.

  I have a Wireguard-based VPN server that has several peers. As soon as
  number of peers is 22 or lower, everything works okay. As soon as I
  add the 23rd peer, restart of `systemd-networkd` service fails with
  timeout while systemd-networkd hogs CPU.

  Moreover, if I reboot the box while wireguard configuration is
  "broken", systemd-networkd fails to apply network settings on boot and
  the box is no longer accessible over the network.

  Configuration is structured in a following way (keys are fake):

  ==> wg0.netdev
  [NetDev]
  Name=wg0
  Kind=wireguard
  Description=Wireguard VPN server
  [WireGuard]
  ListenPort=4500
  PrivateKey=kNl7tkhCM1Crj8RhUIn8xvwcg+UoOkw26kQjQEtZk1k=
  [WireGuardPeer]
  PublicKey=AfM1AN4IIUe5AVypFg2pcNrQmqOtZQIJLgusbkDYXkI=
  AllowedIPs=fd6f:b446:a2ca:0400:cb6f:b446:a2ca:bd0b/128
  AllowedIPs=fd6f:b446:a2ca:cb6f:b446:a2ca::/96
  # and 22 more [WireGuardPeer] like that

  ==> wg0.network
  Name=wg0
  [Network]
  Address=fd6f:b446:a2ca:0400::1/64
  [Route]
  Destination=fd6f:b446:a2ca:cb6f:b446:a2ca::/96
  # and 22 more [Route] sections like that

  syslog logs are attached both for "good" and "bad" cases, sample of
  strace logs is also attached for "bad" case.

  I'm filling the issue here as the aforementioned systemd version is
  already out of scope of upstream bug tracker per
  https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.md
  #filing-issues

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1811149/+subscriptions

More information about the foundations-bugs mailing list