[BUG] - Auto-tunneling not reliable

[cryzzzzz]

Describe the bug
Auto-tunneling does not work reliably: Over night internet access gets unreachable and in the morning I need to reconnect manually to my WG VPN server; the option "Restart on ping fail (beta)" is activated.

Smartphone (please complete the following information):

• Device: Xiaomi Redmi Note 10 Pro
• Android Version: 12
• App Version 3.4.2

Additional context
My WG VPN server runs in my local home network, connected via a DSL connection to the internet. Every night the connection gets reset by the internet provider and a new IPv6 address gets assigned to the server. I suspect this to be the reason for the disconnect of the WG tunnel.
The WG VPN server gets its own FQDN hostname via an DynDNS server; the associated IPv6 address gets updated after each reset; thus my VPN server is reachable via its associated hostname

[zaneschepke]

Hello! Thank you for reporting the issue. Are you able to send me any logs related to this issue? That would be very helpful.

If you could send them to the support email that would be great! Thank you.

This is the exact situation that restart on ping failure should be solving so I am interested to see why it is not working.

[cryzzzzz]

I've just sent you the logs. Let me know if these do not cover the failure

[zaneschepke]

I've just sent you the logs. Let me know if these do not cover the failure

Thank you for sending the logs. Unfortunately, I did not see the issue in those logs.

[GrumpyGiuseppe]

I got the same problem and will send you my log file.

Now I got another problem.
My phone says there is no app to use the 'Send me an email' function in the app.
And I can not find the email anywhere else.
I have only installed the gmail app btw.

I will just post my errors here:

ERROR WireGuard/GoBackend/User1: message= UAPIOpen: mkdir /data/data/com.wireguard.android: permission denied

ERROR OpenGLRenderer: message= Unable to match the desired swap behavior.

Also another problem I now get is that the app tries to get a handshake and fails but the ping request is successful.
The result is that the vpn stays active and the phone is offline.

[zaneschepke]

I got the same problem and will send you my log file.

Now I got another problem. My phone says there is no app to use the 'Send me an email' function in the app. And I can not find the email anywhere else. I have only installed the gmail app btw.

I will just post my errors here:

ERROR WireGuard/GoBackend/User1: message= UAPIOpen: mkdir /data/data/com.wireguard.android: permission denied

ERROR OpenGLRenderer: message= Unable to match the desired swap behavior.

Also another problem I now get is that the app tries to get a handshake and fails but the ping request is successful. The result is that the vpn stays active and the phone is offline.

Thanks for sharing this! Those errors are not a concern. I am not sure why the app is not recognizing gmail as able to accept an email intent. For reference, the support email is support@zaneschepke.com. You can also find it on my GitHub profile.

I am thinking maybe it would be better to ping a random IP (like cloudflare 1.1.1.1) instead of pinging the wireguard server. I'll make some tweaks to this and see if it improves things.

[GrumpyGiuseppe]

I am not sure if cloudflare would have made a difference in my case because I use duck dns to direct the client to my server.

Maybe the problem was also my split tunnel setup:
AllowedIPs = 10.6.0.0/24, 192.168.0.0/24, 8.8.8.8/32, 8.8.4.4/32, fdfa:62a6:4441:ffff::/64, 2001:4860:4860::8888/128, 2001:4860:4860::8844/128

[zaneschepke]

I am not sure if cloudflare would have made a difference in my case because I use duck dns to direct the client to my server.

Maybe the problem was also my split tunnel setup: AllowedIPs = 10.6.0.0/24, 192.168.0.0/24, 8.8.8.8/32, 8.8.4.4/32, fdfa:62a6:4441:ffff::/64, 2001:4860:4860::8888/128, 2001:4860:4860::8844/128

Yeah, I was thinking that the split tunneling might make this an issue. Would it solve the problem if there was a setting that allowed the user to enter a specific ping target for each tunnel?

[GrumpyGiuseppe]

I think so.
If I use 192.168.0.X there can't be a false positive.
For others that use a dyn dns it may also be better to use something like cloudflare.

[mpk995]

Hi @zaneschepke 'Restart on ping fail' option is not working on our Google TV. when my target DDNS IP changes, it is not re-resolving. wireguard_watchdog on our openwrt router is working fine for same situation. please see if same code can be used here