I have a WG "server" on Ubuntu 18.04.6 LTS, hosted in the Oracle free tier.

I installed WireGuard using the well-known https://github.com/angristan/wireguard-install script. Then I generated several configs for my desktop, phone, etc. It connects and works perfectly, but sometimes it freezes for no reason. There are no connectivity problems or anything like that. The client logs look like this on the Win desktop:

```
2022-06-21 03:01:01.845: [TUN] [win] Keypair 17 created for peer 1
2022-06-21 03:01:01.846: [TUN] [win] Sending keepalive packet to peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:03:01.822: [TUN] [win] Sending handshake initiation to peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:03:01.884: [TUN] [win] Receiving handshake response from peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:03:01.884: [TUN] [win] Keypair 16 destroyed for peer 1
2022-06-21 03:03:01.884: [TUN] [win] Keypair 18 created for peer 1
2022-06-21 03:03:01.884: [TUN] [win] Sending keepalive packet to peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:05:02.058: [TUN] [win] Sending handshake initiation to peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:05:02.106: [TUN] [win] Receiving handshake response from peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:05:02.106: [TUN] [win] Keypair 17 destroyed for peer 1
2022-06-21 03:05:02.106: [TUN] [win] Keypair 19 created for peer 1
2022-06-21 03:05:02.106: [TUN] [win] Sending keepalive packet to peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:06:21.302: [TUN] [win] Retrying handshake with peer 1 (SERVER_IP:SERVER_PORT) because we stopped hearing back after 15 seconds
2022-06-21 03:06:21.302: [TUN] [win] Sending handshake initiation to peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:06:26.423: [TUN] [win] Handshake for peer 1 (SERVER_IP:SERVER_PORT) did not complete after 5 seconds, retrying (try 2)
2022-06-21 03:06:26.423: [TUN] [win] Sending handshake initiation to peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:06:31.471: [TUN] [win] Handshake for peer 1 (SERVER_IP:SERVER_PORT) did not complete after 5 seconds, retrying (try 3)
2022-06-21 03:06:31.473: [TUN] [win] Sending handshake initiation to peer 1 (SERVER_IP:SERVER_PORT)
2022-06-21 03:06:36.517: [TUN] [win] Handshake for peer 1 (SERVER_IP:SERVER_PORT) did not complete after 5 seconds, retrying (try 4)
```

Or on the iPhone:

```
2022-06-21 21:23:40.061830: [NET] peer(5RLe…eMBc) - Sending keepalive packet
2022-06-21 21:23:55.063406: [NET] peer(5RLe…eMBc) - Sending keepalive packet
2022-06-21 21:24:10.064855: [NET] peer(5RLe…eMBc) - Sending keepalive packet
2022-06-21 21:24:15.581989: [NET] Network change detected with satisfied route and interface order [en0, utun3, pdp_ip0]
2022-06-21 21:24:15.585825: [NET] DNS64: mapped SERVER_IP to itself.
2022-06-21 21:24:15.586117: [NET] peer(5RLe…eMBc) - UAPI: Updating endpoint
2022-06-21 21:24:15.587259: [NET] Routine: receive incoming v4 - stopped
2022-06-21 21:24:15.587273: [NET] Routine: receive incoming v6 - stopped
2022-06-21 21:24:15.587645: [NET] UDP bind has been updated
2022-06-21 21:24:15.587713: [NET] peer(5RLe…eMBc) - Sending keepalive packet
2022-06-21 21:24:15.588106: [NET] Routine: receive incoming v6 - started
2022-06-21 21:24:15.588220: [NET] Routine: receive incoming v4 - started
2022-06-21 21:24:25.367681: [NET] peer(5RLe…eMBc) - Sending handshake initiation
2022-06-21 21:24:29.810482: [NET] peer(5RLe…eMBc) - Retrying handshake because we stopped hearing back after 15 seconds
2022-06-21 21:24:30.442990: [NET] peer(5RLe…eMBc) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-06-21 21:24:30.443269: [NET] peer(5RLe…eMBc) - Sending handshake initiation
2022-06-21 21:24:35.470291: [NET] peer(5RLe…eMBc) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-06-21 21:24:35.470610: [NET] peer(5RLe…eMBc) - Sending handshake initiation
2022-06-21 21:24:40.744565: [NET] peer(5RLe…eMBc) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-06-21 21:24:40.744847: [NET] peer(5RLe…eMBc) - Sending handshake initiation
2022-06-21 21:24:45.466608: [NET] peer(5RLe…eMBc) - Retrying handshake because we stopped hearing back after 15 seconds
```

If I reconnect the WG client, it connects immediately and everything works.

Any suggestions? I tried experimenting with the PersistentKeepAlive parameter (on both sides!), and it changes nothing.

My server config:

```
[Interface]
Address = 10.66.66.1/24,fd42:42:42::1/64
ListenPort = SERVER_PORT
PrivateKey = M?????Uyg4r3mo=

PostUp = iptables -I FORWARD -i ens3 -o wg0 -j ACCEPT; iptables -I FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o ens3 -j MASQUERADE; sudo iptables -I INPUT -i ens3 -p udp --dport SERVER_PORT -m state --state NEW,ESTABLISHED -j ACCEPT
PostDown = iptables -D FORWARD -i ens3 -o wg0 -j ACCEPT; iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o ens3 -j MASQUERADE; sudo iptables -D INPUT -i ens3 -p udp --dport SERVER_PORT -m state --state NEW,ESTABLISHED -j ACCEPT

### Client iphone
[Peer]
PublicKey = 0+V???????4HnM=
PresharedKey = s???????amJCxJyqcE=
AllowedIPs = 10.66.66.2/32,fd42:42:42::2/128

### Client mac
[Peer]
PublicKey = Tet4??????mI=
PresharedKey = Ld???r8=
AllowedIPs = 10.66.66.3/32,fd42:42:42::3/128
```

My client cfg:

```
[Interface]
PrivateKey = 4Bp????=
Address = 10.66.66.2/32,fd42:42:42::2/128
DNS = 8.8.8.8,1.1.1.1

[Peer]
PublicKey = 5R?????c=
PresharedKey = sY????E=
Endpoint = SERVER_IP:SERVER_PORT
AllowedIPs = 0.0.0.0/0,::/0
```

Some statistics:

```
root@oraclevpn:~# wg show all
interface: wg0
  public key: 5R?????c=
  private key: (hidden)
  listening port: SERVER_PORT

peer: 0+?????nM=
  preshared key: (hidden)
  endpoint: 666.666.666.666:11111
  allowed ips: 10.66.66.2/32, fd42:42:42::2/128
  latest handshake: 2 minutes, 2 seconds ago
  transfer: 533.52 MiB received, 5.18 GiB sent
```

小智 0
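If all of your clients have the same problem, I would check a few things on the server.
The usual suspect: a full system update and upgrade
Time synchronization problems, and/or setting the correct time zone
timedatectl
It should have exactly the same time (minutes/seconds) as your clients.
Install the VM tools: sudo apt install open-vm-tools
Does the same problem happen at 3 AM or at 3 PM? Maybe the Oracle free server is over-provisioned and that causes this problem.
Run htop and see whether any service is using too many resources on the server. Can you upgrade the distribution (do-release-upgrade) to Ubuntu 20.04?
Let us know if this helps.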