New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Wireguard - With IPv6
bamboo4409
Member
in Help
Hello,
Hope everyone is doing well.
I tried searching and couldn't find an answer. I got a cheap IPv6 only vps to tinker with. This does have an IPv4 NAT address but only for SSH.
And came across this script to setup wireguard:
https://github.com/Nyr/wireguard-install
Seemed to install fine on VPS. But when I try to connect via my android device, not able to reach any sites. Here is the log file from my phone:
Anyone ever setup or configure wireguard using ip6? I suspect it is trying to use NAT address but not sure. Any help or feedback would be appreciated. Thanks in advance.
Thanked by 1Logano
Comments
You can follow Webhorizon's excellent turotial @Abd
https://webhorizon.net/blog/2021/04/setup-wireguard-on-a-nat-vps/
https://webhorizon.net/blog/2021/04/find-your-assigned-ipv6-and-internal-ip-nat-vps/
Thank you so much for this! Will re-provision and try ....
Use Nyr’s script and when it asks for ports, type any *unused port from the allocated IPv4 port range.
How strange. It is still not working.
I re-provisioned and followed the steps exactly. And attempted to setup on my desktop.
Here is a screenshot showing my assigned port & ip: https://snipboard.io/r2mUd0.jpg
And here is my configuration file for client: https://pastebin.com/1mH0XCqb
This is the error log: https://pastebin.com/RM7Xg7Fi
Port 7621 is already in use bei SSH use another one provided to you
That did it!!
Thank you so much!!
I appreciate everybody's time @Edding @jmaxwell @Arkas
SSH runs on TCP port 7621.
WireGuard would use UDP port 7621.
They won't conflict.
The most likely cause is that the host's UDP port 7621 isn't forwarded to the container's UDP port 7621, since it was designated for SSH.
Looks like my VPN is working nicely. But just noticed I can't SSH into it with my VPN connected. Is that normal behavior?
You probably have to SSH into the VPN IP address, the 10.x.x.1. The VPN's IP address is usually unavailable for clients connected to it once it is up.
That did it! SSH with port 22 10.x address and it connects. Thank you so much @k9banger02
I this community. Appreciate everyones time
If you don't mind my curiosity, what are the specs of your VPS?
I.e. OpenVZ / KVM, amount of RAM, and OS (incl. version)?
Asking to get a better idea of the system requirements for Nyr's script.
Slightly unrelated, but the OpenVPN installer runs on KVM with 128MB. I'm assuming the Wireguard installer would run on the same specs.
It seems like you need to gather more knowledge about this stuff. don't just sit down now on your "success". Try to understand why this happened and try planning stuff like this before. But good job on your VPN
Quite related to me, thanks for the info.
But that makes me curious either: how much RAM is available on a KVM with only 128 MB? 30 MB? 40 MB?
E.g. CentOS 7 Minimal uses about 90-100 MB just after the install (on KVM).
That's way too little IMO 256 MB is the absolute minimum.
Adding a higher priority routing rule for the server's IP to explicitly route it via your router (rather than via the VPN) should work too. Some VPN clients have a feature called "split tunnelling" that lets you configure this more easily, but otherwise you can do it by directly adding static routes yourself.
At my workplace, most traffic goes via the work VPN when we're connected to it, but some traffic like videoconferencing (Zoom, BlueJeans, etc) does not route via the VPN in order to reduce latency.
It is openvz with 256 mb RAM & 5 GB drive. I am really the only one who uses this, usually have ~ 30 - 40 MB of RAM being used. have debian installed but can do ubuntu.
here is the yabs: https://pastebin.com/XxvnMMvR
(not sure why it says 20 GB)
I have a few 256MB VPSes for dnstools.ws. Here's some htop output from a KVM system:
It shows 103 MB RAM in use (and the rest used for cache and buffers). The DNSTools code is using ~22% of the RAM (~51MB), my SSH session is using ~3.5MB, htop is using ~3MB and bash is using ~3MB. If you subtract all those, the base system is using ~42MB RAM. If you wanted to squeeze the RAM further, you could disable rsyslogd and use static IP configuration instead of DHCP.
Debian 9 Minimal running OpenVPN has approximately 70MB free. However, this is running the essentials. Theoretically, it should be enough RAM to also host a lightweight webserver such as LightHTTPD (provided you use a CDN) and a few other lightweight things such as UFW, ClamAV, etc.
Wireguard on a 64MB VPS lol. Uses about 10MB. Debian 10