plugins: Wireguard does not start when using dns name instead ip
This is a special condition, when using following configuration:
- Unbound
- Bind
- WireGuard
If you run your domain via your BIND on the same OpnSense as Wireguard and use a name from that domain for your endpoint, the service start for wireguard will fail (mostly) on reboot.
The rc.d order of starting services says for named:
# PROVIDE: named
# REQUIRE: NETWORKING ldconfig syslogd
# BEFORE: SERVERS
and for unbound:
# PROVIDE: unbound
# REQUIRE: FILESYSTEMS defaultroute netwait resolv
# BEFORE: NETWORKING
and for wireguard / openvpn:
# PROVIDE: wireguard
# REQUIRE: NETWORKING
Here the wireguard service may try to start BEFORE named is running.
If it would be for named (changed BEFORE list):
# PROVIDE: named
# REQUIRE: NETWORKING ldconfig syslogd
# BEFORE: SERVERS wireguard
all will run fine.
Is this suitable for a PR or change or how to you think about it?
Cheers Tom
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Comments: 22 (21 by maintainers)
Commits related to this issue
- net/wireguard: try to start late once again for #3203 — committed to opnsense/plugins by fichtner 2 years ago
- net/wireguard: try to start late once again for #3203 (cherry picked from commit 2cdaf717b269329424e1b5de1376a1fec818882b) — committed to opnsense/plugins by fichtner 2 years ago
Patched via 2cdaf71, thanks!
yes, but not replacement. rather an addition to the script before the routing configuration.