Community discussions

MikroTik App
 
WojtusW5
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 94
Joined: Mon Oct 02, 2017 1:25 pm

Wireguard dynamic enpoint address

Tue May 24, 2022 7:47 pm

Hello

I have a problem with wireguard Site2Site. One of the parties has a variable IP address with a DDNS service. By giving the DDNS address to the other party, the tunnel sets up, but when the address is changed, there is no communication. It looks like the address in the Endpoint field is not refreshed on the other side without disabling and enabling the interface.

Has anyone had a similar problem? Is this correct behavior?

Thank you in advance.
 
msatter
Forum Guru
Forum Guru
Posts: 2912
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Wireguard dynamic enpoint address

Tue May 24, 2022 8:30 pm

That is indeed the correct behaviour. You have to dectect the change on your own and stop the service, clear DNS cache, restart the service.

There ate scripts for that, maybe I might have written even on that.

You might have a look overhere: viewtopic.php?p=908766
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19251
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Wireguard dynamic enpoint address

Tue May 24, 2022 9:13 pm

Covered here specifically at para 6: - viewtopic.php?p=906311
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1048
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: Wireguard dynamic enpoint address

Tue May 24, 2022 9:23 pm

As Msatter and Anav pointed out there are some scripts that may solve the problem although it often requires quite some knowledge och experience how to install and configure them.

I sincerely do hope that Mikrotik will solve this shortcoming in the near future so you're not forced to use all these quick 'n dirty hacks.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19251
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Wireguard dynamic enpoint address

Wed May 25, 2022 12:47 am

I put in a request but its probably not on their short list. :-(
 
holvoetn
Forum Guru
Forum Guru
Posts: 5436
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Wireguard dynamic enpoint address

Wed May 25, 2022 5:14 pm

... so you're not forced to use all these quick 'n dirty hacks.
Why so negative ?
Some of these scripts are real beauties which should be rewarded with a lot of appreciation !
:lol:
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1048
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: Wireguard dynamic enpoint address

Wed May 25, 2022 5:41 pm

There were of course no intention at all to diminish all the wonderful fabulous delightful script makers and their truly amazing marvellous heavenly scripts that solves obvious shortcomings in RoS. Thank you for your service!

I'm out of adjective! :-)
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19251
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Wireguard dynamic enpoint address

Wed May 25, 2022 6:46 pm

The need for scripts identifies requirements that were not visualized by the coders or not approved by $$upper management.
Thus such scripts are a replacement for the notdone.

To make them elegant is indeed a skill. There will always be need for such skills but the point is that one should be able to USE such a function in a script for the ODD scenario.
For the COMMON DOG FUCK scenario, MT should have a simple automated mechanism builtin to the keep alive function (clearly if you want keep alive active, then you want the connection active) or a checkbox option to enable such a function. Accessing the function for the more complex edge cases in a script will still have its place.

Who is online

Users browsing this forum: Ahrefs [Bot], Bing [Bot] and 44 guests