3

Debian Buster image on a Google Compute Engine VM, and I have this systemd-networkd config placed at /etc/systemd/network/wg0.netdev to configure a Wireguard device:

[NetDev] Name=wg0 Kind=wireguard [WireGuard] PrivateKey = XXXXX ListenPort = 51820 [WireGuardPeer] Endpoint = XXXXX:51820 PublicKey = XXXXX AllowedIPs = XXXXX/32 AllowedIPs = XXXXX/24

When starting the systemd-networkd service, I get this error:

Starting Network Service... Failed to generate predictable MAC address for wg0: No such file or directory Could not load configuration files: No such file or directory systemd-networkd.service: Main process exited, code=exited, status=1/FAILURE

What's odd is:

  1. I can bring up the wg0 interface successfully on the GCP server by configuring it manually instead of via systemd
  2. I can use the above systemd-networkd config on other provider VMs (tested Vultr and local Vagrant) successfully

So the error only happens with the specific combination of using systemd-networkd config on a GCP server.

I'm using the exact same Linux kernel and Wireguard versions on all the servers. If it's a GCP-specific configuration, I can't seem to find any related documentation on it.

Improve this question
7
  • 1
    Can you describe the rest of your config? I've documented how I configure a WireGuard service on GCP here: wireguard.how/server/google-cloud-platform Commented Mar 3, 2020 at 6:16
  • Reviewed your post, that's basically what I've done, except I'm running the ip/wg commands manually instead of through a config file, and all of that works fine on GCP. It's only when I try to convert that setup to systemd-networkd that the problem occurs. One thing I'm doing that's a bit different is assigning an IP address to the wg interface that's not part of any subnet I've configured in GCP, it's just a 10.x.x.x network used for inter-server communication. I wonder if that's where systemd-networkd barfs, trying to get a MAC address for a non-existent subnet in GCP? Commented Mar 4, 2020 at 20:51
  • faced the same issue cannot start systemd-networkd service, @hunmonk did you find any solutions? Commented Aug 16, 2020 at 20:00
  • @MaratGainutdinov I was able to successfully fix my issue by installing from the latest images and making sure all packages were up to date. Looks like a fix happened somewhere in the stack, but I don't know where. Commented Aug 17, 2020 at 21:09
  • I use ubuntu 18.04. Which OS image, version fixed your problem? Commented Aug 18, 2020 at 13:57

2 Answers 2

Reset to default
2

I've checked Wireguard on GCE VM with Ubuntu 18.04 and it runs without any issues.

Please find my steps below:

  1. create VM instance based on Ubuntu 18.04
$ gcloud compute instances create instance-1 --machine-type=e2-medium --can-ip-forward --tags=vpn --image=ubuntu-1804-bionic-v20201111 --image-project =ubuntu-os-cloud
  1. create firewall rule:
$ gcloud compute firewall-rules create to-vpn --direction=INGRESS --priority=1000 --network=default --action=ALLOW --rules=udp:51820 --source-ranges=0.0.0.0/0 --target-tags=vpn
  1. install wireguard-tools:
$ gcloud compute ssh instance-1 instance-1:~$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=18.04 DISTRIB_CODENAME=bionic DISTRIB_DESCRIPTION="Ubuntu 18.04.5 LTS" instance-1:~$ sudo apt update instance-1:~$ sudo apt upgrade instance-1:~$ sudo apt install wireguard-tools
  1. generate server keys:
instance-1:~$ umask 077; wg genkey | tee privatekey | wg pubkey > publickey instance-1:~$ sudo cat privatekey 2PSZW0mLV5YYE0oPBTKtOuZoQHYCIsoEg8KBcLdL+FY=
  1. generate server config:
instance-1:~$ sudo cat /etc/wireguard/wg0.conf [Interface] Address = 10.156.0.17 MTU = 1440 ListenPort = 51820 PrivateKey = 2PSZW0mLV5YYE0oPBTKtOuZoQHYCIsoEg8KBcLdL+FY=
  1. enable and start service:
instance-1:~$ sudo systemctl enable wg-quick@wg0 instance-1:~$ sudo systemctl start wg-quick@wg0 instance-1:~$ sudo systemctl status wg-quick@wg0 ● [email protected] - WireGuard via wg-quick(8) for wg0 Loaded: loaded (/lib/systemd/system/[email protected]; indirect; vendor preset: enabled) Active: active (exited) since Mon 2020-11-16 16:42:07 UTC; 10s ago Docs: man:wg-quick(8) man:wg(8) https://www.wireguard.com/ https://www.wireguard.com/quickstart/ https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8 https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8 Process: 4937 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=0/SUCCESS) Main PID: 4937 (code=exited, status=0/SUCCESS) Tasks: 0 (limit: 4671) CGroup: /system.slice/system-wg\x2dquick.slice/[email protected] Nov 16 16:42:07 instance-1 systemd[1]: Starting WireGuard via wg-quick(8) for wg0... Nov 16 16:42:07 instance-1 wg-quick[4937]: [#] ip link add wg0 type wireguard Nov 16 16:42:07 instance-1 wg-quick[4937]: [#] wg setconf wg0 /dev/fd/63 Nov 16 16:42:07 instance-1 wg-quick[4937]: [#] ip -4 address add 10.156.0.17 dev wg0 Nov 16 16:42:07 instance-1 wg-quick[4937]: [#] ip link set mtu 1440 up dev wg0 Nov 16 16:42:07 instance-1 systemd[1]: Started WireGuard via wg-quick(8) for wg0.
  1. check status of the service:
instance-1:~$ sudo wg interface: wg0 public key: 4sLXXmfK8Llr84wzoy8vfV3B0lV0w/RlR94YPnAbYS4= private key: (hidden) listening port: 51820 instance-1:~$ sudo ip a show wg0 3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1440 qdisc noqueue state UNKNOWN group default qlen 1000 link/none inet 10.156.0.17/32 scope global wg0 valid_lft forever preferred_lft forever
  1. reset VM instance and check status:
instance-1:~$ sudo systemctl status systemd-networkd ● systemd-networkd.service - Network Service Loaded: loaded (/lib/systemd/system/systemd-networkd.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2020-11-16 16:54:52 UTC; 7min ago Docs: man:systemd-networkd.service(8) Main PID: 751 (systemd-network) Status: "Processing requests..." Tasks: 1 (limit: 4671) CGroup: /system.slice/systemd-networkd.service └─751 /lib/systemd/systemd-networkd Nov 16 16:54:52 instance-1 systemd-networkd[751]: ens4: IPv6 successfully enabled Nov 16 16:54:52 instance-1 systemd-networkd[751]: lo: Link is not managed by us Nov 16 16:54:52 instance-1 systemd-networkd[751]: ens4: Link UP Nov 16 16:54:52 instance-1 systemd-networkd[751]: ens4: Gained carrier Nov 16 16:54:52 instance-1 systemd-networkd[751]: ens4: DHCPv4 address 10.156.0.17/32 via 10.156.0.1 Nov 16 16:54:52 instance-1 systemd-networkd[751]: Not connected to system bus, not setting hostname. Nov 16 16:54:53 instance-1 systemd-networkd[751]: ens4: Gained IPv6LL Nov 16 16:54:53 instance-1 systemd-networkd[751]: ens4: Configured Nov 16 16:55:01 instance-1 systemd-networkd[751]: wg0: Link UP Nov 16 16:55:01 instance-1 systemd-networkd[751]: wg0: Gained carrier $ sudo systemctl status wg-quick@wg0 ● [email protected] - WireGuard via wg-quick(8) for wg0 Loaded: loaded (/lib/systemd/system/[email protected]; indirect; vendor preset: enabled) Active: active (exited) since Mon 2020-11-16 16:55:01 UTC; 8min ago Docs: man:wg-quick(8) man:wg(8) https://www.wireguard.com/ https://www.wireguard.com/quickstart/ https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8 https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8 Process: 1115 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=0/SUCCESS) Main PID: 1115 (code=exited, status=0/SUCCESS) Nov 16 16:55:01 instance-1 systemd[1]: Starting WireGuard via wg-quick(8) for wg0... Nov 16 16:55:01 instance-1 wg-quick[1115]: [#] ip link add wg0 type wireguard Nov 16 16:55:01 instance-1 wg-quick[1115]: [#] wg setconf wg0 /dev/fd/63 Nov 16 16:55:01 instance-1 wg-quick[1115]: [#] ip -4 address add 10.156.0.17 dev wg0 Nov 16 16:55:01 instance-1 wg-quick[1115]: [#] ip link set mtu 1440 up dev wg0 Nov 16 16:55:01 instance-1 systemd[1]: Started WireGuard via wg-quick(8) for wg0. instance-1:~$ sudo wg interface: wg0 public key: 4sLXXmfK8Llr84wzoy8vfV3B0lV0w/RlR94YPnAbYS4= private key: (hidden) listening port: 51820 instance-1:~$ sudo ip a show wg0 3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1440 qdisc noqueue state UNKNOWN group default qlen 1000 link/none inet 10.156.0.17/32 scope global wg0 valid_lft forever preferred_lft forever

In addition, please have a look at 3rd party guide for newer versions of Ubuntu here.

Improve this answer
1

Since my original report, it appears the issue has been resolved, either in GCP's images, or in systemd itself. It's working fine now.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.