Talk: WireGuard

From NixOS Wiki
Jump to: navigation, search

sysctl net.ipv4.ip_forward=1 needed for server

done!

I could only make this work after running

sysctl net.ipv4.ip_forward=1

.

This is also mentioned in the Arch wiki.

I think it should be added here as well. Opinions? --Asymmetric (talk) 14:32, 18 May 2019 (UTC)

This definitly needs to be in the article, just add a disclaimer that the option is only needed for "supernodes" which route traffic, clients normally do not need it set --Makefu (talk) 07:43, 18 May 2019 (UTC)

I feel like the disclaimer is not necessary, since the article refers to a client/server mode of operation. --Asymmetric (talk) 14:32, 18 May 2019 (UTC)

Turns out the flag is already set by the nat module --Asymmetric (talk) 15:08, 18 May 2019 (UTC)

It would be really cool to have examples for nftables as well, preferably with conf files... --Devvythelopper (talk) 14:32, 18 May 2019 (UTC)


Regarding my addition:

--Nrbray (talk) 10:35, 8 December 2023 (UTC)

 networking.useNetworkd = true;


avoids error:

 trace: warning: The combination of `systemd.network.enable = true` [wireguard], `networking.useDHCP = true` and `networking.useNetworkd = false` can cause both networkd and dhcpcd to manage the same interfaces. This can lead to loss of networking. It is recommended you choose only one of networkd (by also enabling `networking.useNetworkd`) or scripting (by disabling `systemd.network.enable`)


Some hint found here: https://discourse.nixos.org/t/systemd-services/31546/2