Route all traffic through Wireguard interface

Help
11

I have exactly the same problem as you, guys, it seems that I cannot properly route all traffic.

Some notes:

  • If I try to route only the related IPs, then I can ping the gateway, e.g.
% cat /etc/wireguard/temp.conf
[Interface]
Address = 10.0.0.6/24
PrivateKey = xxx

[Peer]
PublicKey = xxx
AllowedIPs = 10.0.0.0/24
Endpoint = xxx

% sudo wg-quick up temp
[#] ip link add temp type wireguard
[#] wg setconf temp /dev/fd/63
[#] ip address add 10.0.0.6/24 dev temp
[#] ip link set mtu 1420 dev temp
[#] ip link set temp up

% ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=1.06 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.635 ms

% ip route
default via 192.168.1.1 dev enp0s25 proto dhcp src 192.168.1.127 metric 512 
default dev enp0s25 proto static scope link metric 2048 
10.0.0.0/24 dev temp proto kernel scope link src 10.0.0.6
<omit the rest>
  • If I try to route everything:
% cat /etc/wireguard/temp.conf
[Interface]
Address = 10.0.0.6/24
PrivateKey = xxx

[Peer]
PublicKey = xxx
AllowedIPs = 0.0.0.0/0
Endpoint = xxx

% wg-quick up temp
[#] ip link add temp type wireguard
[#] wg setconf temp /dev/fd/63
[#] ip address add 10.0.0.6/24 dev temp
[#] ip link set mtu 1420 dev temp
[#] ip link set temp up
[#] wg set temp fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev temp table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0

% ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
^C
--- 10.0.0.1 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 181ms

% ip route
default via 192.168.1.1 dev enp0s25 proto dhcp src 192.168.1.127 metric 512 
default dev enp0s25 proto static scope link metric 2048 
10.0.0.0/24 dev temp proto kernel scope link src 10.0.0.6
<omit the rest>

% ip -4 route list table 51820
default dev temp scope link

Not sure if I type the right command, since manually adding the route, it complains as existing:

% sudo ip -4 route add 0.0.0.0/0 dev temp table 51820
RTNETLINK answers: File exists