Ubuntu
wireguard package

Bug #1950317
Comment #8

Comment 8 for bug 1950317

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2021-11-24:

I wrote this test that I intend to propose as a DEP8 test. Here is the output:

$ sudo ./vpn
Setting things up
Generating keys
Generating wireguard config
Cleaning up old namespaces
Creating new namespaces left_ns and right_ns and adding loopback interface to them
Creating veth interface connecting both namespaces
Bringing up LEFT wireguard interface in namespace left_ns
[#] ip link add wg_left type wireguard
[#] wg setconf wg_left /dev/fd/63
[#] ip -4 address add 10.0.5.1/24 dev wg_left
[#] ip link set mtu 1420 up dev wg_left
Bringing up RIGHT wireguard interface in namespace right_ns
[#] ip link add wg_right type wireguard
[#] wg setconf wg_right /dev/fd/63
[#] ip -4 address add 10.0.5.2/24 dev wg_right
[#] ip link set mtu 1420 up dev wg_right

This is the config
left_ns namespace:
[Interface]
ListenPort = 3001
PrivateKey = WDwCnk1LaTwsLSWT3DUsrgu9676RxjBdX+PPglV1tGA=

[Peer]
PublicKey = +69yT8PzWVd1l8IR8Y5yc25Qsi0OoIB+i75HTlvVVjM=
AllowedIPs = 10.0.5.2/32
Endpoint = 10.0.1.2:3002

right_ns namespace:
[Interface]
ListenPort = 3002
PrivateKey = WK5M7T1HVu12Q8SCW9FZpgaxTjXXMTzjM5QT7Q+qNV8=

[Peer]
PublicKey = qfg1hEQp9EK951ysQhzEi2F9ahW/KndYPkIRulAlIm8=
AllowedIPs = 10.0.5.1/32
Endpoint = 10.0.1.1:3001

Testing gateway ping
Pinging right gateway, from left_ns namespace
PING 10.0.5.2 (10.0.5.2) 56(84) bytes of data.
64 bytes from 10.0.5.2: icmp_seq=1 ttl=64 time=0.495 ms

--- 10.0.5.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.495/0.495/0.495/0.000 ms

Pinging left gateway, from right_ns namespace
PING 10.0.5.1 (10.0.5.1) 56(84) bytes of data.
64 bytes from 10.0.5.1: icmp_seq=1 ttl=64 time=0.061 ms

--- 10.0.5.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.061/0.061/0.061/0.000 ms

Testing wireguard interface ping
Pinging right wireguard IP from left_ns namespace
PING 10.0.1.2 (10.0.1.2) 56(84) bytes of data.
64 bytes from 10.0.1.2: icmp_seq=1 ttl=64 time=0.015 ms

--- 10.0.1.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.015/0.015/0.015/0.000 ms

Pinging left wireguard IP from right_ns namesapce
PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data.
64 bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=0.046 ms

--- 10.0.1.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.046/0.046/0.046/0.000 ms

Testing vpn stats
Namespace left_ns
  latest handshake: Now
  transfer: 348 B received, 404 B sent
Namespace right_ns
  latest handshake: Now
  transfer: 404 B received, 348 B sent

It's suitable to run in a single VM. I'll create a PR soon.

I wrote this test that I intend to propose as a DEP8 test. Here is the output:

$ sudo ./vpn 
Setting things up
Generating keys
Generating wireguard config
Cleaning up old namespaces
Creating new namespaces left_ns and right_ns and adding loopback interface to them
Creating veth interface connecting both namespaces
Bringing up LEFT wireguard interface in namespace left_ns
[#] ip link add wg_left type wireguard
[#] wg setconf wg_left /dev/fd/63
[#] ip -4 address add 10.0.5.1/24 dev wg_left
[#] ip link set mtu 1420 up dev wg_left
Bringing up RIGHT wireguard interface in namespace right_ns
[#] ip link add wg_right type wireguard
[#] wg setconf wg_right /dev/fd/63
[#] ip -4 address add 10.0.5.2/24 dev wg_right
[#] ip link set mtu 1420 up dev wg_right