A question re. #wireguard

When I’m away from home I usually connect to my home (US) and my server (Europe). However sometimes (not always) the connection to my home is blocked, I don’t know if it is caused by my phone company or my ISP. I blame the latter, because the connection to my european server never fails.

I wonder if there is something I can do in those cases?
I guess I could try to redirect the traffic to use the european server as a proxy, but that would make things slower the 90% of the time this isn’t a problem. Also, this would require me to switch wireguard connections manually, which is not ideal, especially if I’m driving.

Another alternative would be tailscale (maybe with headscale), but I’d rather keep my infrstructure as wireguard only.

Any ideas? cc @[email protected] @[email protected]

  • just_another_person@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    2
    ·
    23 days ago

    If Wireguard loses its connection, it doesn’t automatically requery the host and reconnect AFAIK. So if name resolution fails, or you’re on dynamic DNS and the IP changes, it’s not going to fix itself.

      • vividspecter@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        23 days ago

        Or just use tailscale/headscale/netbird and keep the underlying wireguard performance.

        • MangoPenguin@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          1
          ·
          23 days ago

          Tailscale in my experience does not run as kernel mode wireguard so performance is not great, but maybe that’s changed.

          Not sure about Netbird, but the Android app reviews are poor and it does not sound reliable.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      2
      ·
      23 days ago

      And by default, WireGuard doesn’t keep the connection alive when there’s no traffic. You can tune this in settings, which I’ve done because I’m behind CGNAT and need a persistent connection.

      • lorentz@feddit.it
        link
        fedilink
        English
        arrow-up
        1
        ·
        23 days ago

        Could it be that the domain name has both IPv4 and IPv6 and depending on the network you try to reach one or another? Wireguard can work on both protocols, but from my experience it doesn’t try both to see which one works (like browsers do). So if at the first try the dns resolves the “wrong” IP version, wireguard cannot connect and doesn’t fallback trying the alternative.

  • Prison Mike@links.hackliberty.org
    link
    fedilink
    English
    arrow-up
    3
    ·
    23 days ago

    If you’re just looking for WireGuard with some good support for hostile networks (and easier configuration) I’d probably just recommend Tailscale.

  • schizo@forum.uncomfortable.business
    link
    fedilink
    English
    arrow-up
    1
    ·
    23 days ago

    You can run some scripts that will update DNS resolution and reconnect if the connection goes inactive, but those aren’t going to be something you likely can do on your phone. (Though, IDK, you might could if we’re talking rooted android, but eh, I wouldn’t want to rely on it).

    Do you know WHY your connection fails? Is it JUST wireguard, is it your whole connection, does the IP change, etc? You might want to setup proper monitoring to see what exactly stops working when Wireguard does to see if it’s specific to the service, or if your whole link goes down, or if your router is crashing and rebooting or any number of other problems you could be having.