FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
384 views 2 comments
by anonymous

Hello,

In client mode Wireguard has excellent performance and works very well. Until it doesn't that is ... If the public IP address of the server at the other end changes the tunnel stays completely stuck the DNS name is never re-resolved after the configuration phase.

Using a ping reboot is dubious one risks a reboot loop each time the network fails or the server undergoes a maintenance operation ...

A much better solution is to check via cron the "latest handshake" field and just restart the network if the value goes above a threshold.

If someone is interested the script is here and the crontab entry is below:

*/10 * * * * wg | awk -f /etc/awg.awk

The script uses kdig, install it via opkg update;opkg install knot-dig. Tested with IPv4 only.

Regards,

1 Answer

0 votes
by anonymous
Hello,

Thank you for another valuable suggestion.

The development team is informed about it for further consideration.

Best regards,
by anonymous
Of course a similar logic applies to IPSEC and others VPN protocols.