bancroftravage: I tried your suggestions, here are the results. Not only did none of the changes work, but even running 1.8.31 on ubuntu 22.04 thanks to the PPA didn't work with the same error 00:15
bancroftwhen I comparedthe libraries they appear to be the same, now i'm about to try 1.8.31 on ubuntu 18 for sanity 00:17
bancroftok so 1.8.31 works on ubuntu 18.04 but not on 22.04 :/ 00:31
BazyarI couldn't find a channel for just Microstack, what would the best channel for support be?00:31
arraybolt3Bazyar: Probably an Openstack-related channel.00:33
arraybolt3#openstack might be it.00:34
arraybolt3If nothing else, they may be able to point you to the right channel.00:34
BazyarI'll try there, thanks!00:39
=== chris14_ is now known as chris14
=== kostkon_ is now known as kostkon
wingarmacHi all !04:38
wingarmacCan anyone help me with a wireguard issue on ubuntu server 22.04 ? I can reach with pings any computer of my VPN (even one on another ISP nat router) but my mobile phone connected on mobile data doesn't response back04:39
wingarmacany clue ?04:39
wingarmacI've a fixed public IP on my isp nat router04:39
wingarmacMy server is the only to retain all peers04:40
arraybolt3wingarmac: Can you describe better what you're trying to do? I can't tell if you're pinging from or to your mobile phone.04:40
wingarmacthe others have only the server as peers04:40
arraybolt3Like, are you trying to use your phone to connect to your VPN and then ping systems on the VPN network?04:40
wingarmacI ping from server to pĥone with its VPN IP04:40
arraybolt3Are you sure your phone is even able to ping back?04:41
arraybolt3I don't know if Android (or whatever else) is able to send ICMP packets.04:41
wingarmacNo, I'm not sure how it works on a mobile04:41
arraybolt3I'm assuming your phone is on the VPN network.04:41
wingarmacI've made simillar settings as for the distant computer that works and is behind his own isp nat router04:42
wingarmacI just gave him a new IP and added his identity to the peers on the server04:43
arraybolt3Do you have physical access to the phone at the moment?04:43
wingarmacyes, all the devices mentioned04:43
arraybolt3I'm suspecting that if all devices other than the phone work, it may be because your phone isn't designed to be pinged, in which case it's expected that you're not able to ping it.04:43
arraybolt3I'd take the phone, disconnect it from the VPN, enable its hotspot, connect to it with your laptop so that they're on the same local network, then try pinging it.04:43
wingarmacany other way to see if the communication is working right ?04:43
arraybolt3Or connect them both to the same physical network and try pinging it.04:43
arraybolt3wingarmac: You could install an SSH server app maybe.04:44
arraybolt3Then try to SSH into the phone.04:44
arraybolt3But we're getting a bit beyond Ubuntu support and into Android support at this point (assuming it's an Android phone) :P04:44
wingarmacThe goal is to be able to reach it when its on mobile data. So I do not understand why I should do that ?04:44
arraybolt3wingarmac: You need to know if the phone is even able to send ICMP packets in response to a ping. If it can't do that even under ideal conditions, then of course it won't do it over a VPN.04:45
arraybolt3If the phone won't respond to pings, it's expected that it won't respond to pings in any circumstance.04:45
wingarmacokay, I understand, and it is right. This is more wireguard related as ubuntu itself, since the other devices work04:45
arraybolt3Makes sense.04:45
arraybolt3If you *are* able to ping the phone when your device and phone are on the same physical network, then we probably have a problem with either how the phone connects to the VPN, or possibly with the server.04:46
wingarmacI'll wait t'ill someone answers on the wireguard channel in that case ... No choice.04:46
arraybolt3(Though if the phone does respond to pings when its on the same physical network, I would suspect the VPN app that you're using on the phone as the next likely culprit. Perhaps it blocks ICMP traffic.04:46
arraybolt3wingarmac: If you install an SSH server app onto the phone, you can then try to SSH to the phone's IP and that will test the connection.04:47
wingarmacI remember I could ping my phone when It was not on VPN but on wifi lan normal. So the suposition about ICM packets isn't right. I'll try it again to be sure04:47
wingarmacarraybolt3 I'll try that to04:48
wingarmacarraybolt3 you see, when I connect the mobile (VPN disabled everywhere) on wifi to my lan, I can use the ping. So it isn't the phone that is not able to respond.04:50
wingarmacIt's something that goes wrong to get the packets to the server somehow04:50
wingarmacarraybolt3 but when I put the phone on mobile data, I go to whatsmyip.com and try to ping my server to this IP, It is stuck04:52
wingarmacSo I presume their is some kind of blocking on the mobile data side.04:53
wingarmacI wonder how it works for other VPN services. Since I've tested NordVPN before, and it did work even when my phone was on mobile data. I could ping to it.04:54
wingarmacSo I presume I'll continue my search. Maybe a small dns service could do the trick. Like dsnmasq.04:55
arraybolt3wingarmac: For some reason I thought this was a VPN you controlled.04:55
arraybolt3If you're trying to ping a phone from a laptop with the phone on mobile data and both devices on a VPN owned by someone else entirely, then it's probably a problem with whatever VPN service you're using, in which case you'd want to ask them for help.04:56
wingarmacarraybolt3 what do you mean by that ? "I thought this was a VPN you controlled."04:56
arraybolt3wingarmac: I meant, I thought you were running a VPN server on an Ubuntu Server instance and were connecting to it, thus why this was an Ubuntu Server problem.04:57
arraybolt3I'm probably missing something about the setup here, but without knowing what you're trying to do and what your setup looks like, I won't be able to give very meaningful help.04:57
wingarmacarraybolt3 You're wrong. The laptop is peer 3 and the mobile phone is peer 404:57
arraybolt3Yeah I don't know what that means :P04:58
arraybolt3Start from the top. What all is between your computer and your phone? A server you own? A VPN service? A combination of the two?04:58
arraybolt3What does "peer 3" and "peer 4" mean? What are peers 1 and 2, and how do they play into your setup?04:59
wingarmachttps://ibb.co/CmfKMYB This is working on VPN, I now want to add my mobile to the same private network (please do not complicate it with the FQDN for now, just adding the mobile to the VPN is the intention now)05:01
wingarmacusing its mobile data connection05:01
arraybolt3OK, and lan1 is trying to ping the phone?05:02
arraybolt3Ah, OK.05:02
arraybolt3And is srv a VPN server or no?05:03
arraybolt3I'm just trying to figure out how srv factors into the equation other than being the machine you're trying to ping from.05:03
wingarmacSince wireguard is peer to peer, I can't realy call it a server, but yes, since it is the only one that has all peer keys into his setup and should be the center for all. 05:04
arraybolt3OK, that makes sense. I think I get it now.05:04
wingarmacthe other peers have only the server in the peer section of the wireguard conf file05:04
arraybolt3So how are you connecting the phone to the VPN?05:05
arraybolt3I'm assuming you're using the WireGuard app.05:05
wingarmacI've copied the same setup for it as the wan1 in the picture, but change the IP and keys for the respective unit.05:06
wingarmacsince it is also on a distant connection it has the local IP range of my network added a secondary in the AllowedIPs = 05:07
wingarmacexample AllowedIPs =,
wingarmacThis has worked for the wan105:08
wingarmacbut doesn't seem to solve the issue for the mobile05:08
arraybolt3OK so, your "server" has all the peer keys and is the "center" server, this may be silly but did you remember to add your phone to the server's config?05:08
arraybolt3I'm guessing you did.05:08
wingarmacI did of course. It's not like I have an all fleet to manage05:08
arraybolt3I'd start by testing things with an SSH Android app. Android doesn't let any apps run as root, so I'm wondering if maybe Wireguard is somehow not allowed to send the ICMP traffic to the Android OS underneath. But an SSH app will use a port high enough to not require root access to bind to, and might work? This is a shot in the dark, I've never used Wireguard, but that's my current suspicion.05:10
wingarmacI'll take a closer look to this SSH Android app05:11
arraybolt3I've personally used this one before: https://play.google.com/store/apps/details?id=org.galexander.sshd&hl=en_US&gl=US05:12
wingarmacwill putty ssh do it? there are so many ...05:12
wingarmacdon't you have a suggestion?05:13
arraybolt3You need a *server* app.05:13
arraybolt3I use SimpleSSHD, which I linked to above.05:13
wingarmacinstalled, what or how should I use it to debug the problem ?05:17
wingarmacI did just re-enable wireguard on both and opened SimpleSSHD05:18
arraybolt3wingarmac: Try SSH'ing into the phone now.05:19
arraybolt3You don't need to actually log in, you just need to see if the connection can be established.05:20
wingarmacOn the mobile the server is started. I did ssh vpn_IP_mobile -p 5555 on the server side but nothing happens. 05:22
arraybolt3And the server is on port 5555? I expected it would be on 2222.05:23
wingarmacvpn is set to use 555505:23
arraybolt3OK, so that probably means all incoming traffic is being blocked.05:23
wingarmacI think so to05:23
arraybolt3wingarmac: But which port is SimpleSSHD set to listen on?05:24
wingarmachow to see that ?05:24
arraybolt3There should be a Settings button somewhere. (Sorry, been a while since I've used it and I don't have a phone anymore so I can't test it.)05:24
wingarmacI see only IP's on screen and start/stop button05:24
arraybolt3There isn't a triple-dots somewhere in the upper-right corner?05:25
arraybolt3Or near the top of the screen?05:25
wingarmacI need to set it on the same port as VPN ?05:25
arraybolt3Doesn't the VPN basically join the phone to the same network as the othr machines?05:25
arraybolt3I'd try to SSH to the phone using it's IP on the Wireguard network.05:26
wingarmacyes, no error its connected05:26
arraybolt3Oh. That may be the problem all along.05:26
arraybolt3If you're going to whatismyip to find the phone's IP, that probably won't work - it will show the public IP of your router most likely.05:26
arraybolt3You'd have to find what IP the Wireguard network has assigned to the phone.05:27
wingarmacThe wan IP you mean by that ?05:27
arraybolt3wingarmac: Did you mention whatismyip earlier?05:27
arraybolt3Sorry, I'm tried and losing track of things.05:27
arraybolt3wingarmac: Blah. You know what I'm trying to say. Try to SSH to the phone using it's Wireguard IP and the port that SimpleSSHD is listening on (probably port 2222). So change the -p 5555 to -p 2222 and see if that works.05:28
arraybolt3(I'm getting frustrated with myself, not you.)05:28
wingarmacWell when opening SimpleSSHD, it shows my LAN range VPN IP and a public IP, I presume its the one you're talking wbout05:28
arraybolt3Most likely.05:29
wingarmacarraybolt3 I do not mind, you're kind helping me. That's enough to be greatfull05:29
arraybolt3Thanks :)05:29
wingarmac ssh -p 222205:31
wingarmacssh: connect to host port 2222: No route to host05:31
wingarmacroot@ubserv:~# ssh -p 222205:31
wingarmacthe last command just get stuck, I did CTRL+C05:32
arraybolt3Blah. OK, no route to host... /me looks up what that means, I've seen this before05:32
arraybolt3Yeah so basically it's saying that the phone can't be found on the network. Shocker.05:34
arraybolt3So here's a question - from the phone, can you ping the server?05:34
arraybolt3Over the VPN.05:34
arraybolt3I'm wondering if maybe the Wireguard app is only meant to allow outgoing connections and not incoming ones.05:35
wingarmachttps://ibb.co/txt1yhK is what I get on the mobile05:36
wingarmacI tried both IP4 wan and lan, but none did work.05:37
wingarmacHow do I ping from the mobile to the server ?05:37
arraybolt3wingarmac: Hmm, right, because the phone doesn't have `ping` built in most likely...05:38
arraybolt3Blah. There's an app on F-Droid called Termux that will let you run Linux terminal commands on the phone, but I don't know how much you want to trust a random Internet stranger's recommendation to download a random app that isn't in Google Play.05:40
arraybolt3https://termux.dev/en/ if you are interested.05:40
arraybolt3(The Google Play version is outdated and not recommended.)05:40
wingarmacIt's installing05:40
wingarmacBy the way, do you think that I could solve it with the use of DNSmasq. Since I will need to attach my domainname to my private network, I presume I'll need to install it. Isn't it ?05:41
wingarmacSo I thought the solution might cme with the setup of it as aninternal DNS server on lan05:42
arraybolt3I have no idea if another server will fix it.05:43
arraybolt3I have very limited experience with most of this and am mostly resorting to universal troubleshooting tactics.05:44
wingarmacit will route the packets to the right computer after entering the nat router. That's what I've been told.05:44
wingarmacI thought I could prevent any other server install, but at some point it might be a prerequisite to make what I'm intend to work.05:45
wingarmacarraybolt3 Anyway, thank you again so far ! It's really appreciated ! Cheers05:47
arraybolt3wingarmac: Thanks for your patience, and I hope we're able to make this work.05:47
wingarmac:) I will !05:48
=== nihe_ is now known as nihe
athosHi bryceh! I was thinking about doing a php clean up in lunar proposed (update excuses) before the feature freeze13:03
athoshowever, there are lots of packages there which were changed to depend on php8.2 (universe packages)13:04
athosWhat is the approach you would take for those? Just let them be carried to mm (next cycle) or patch each package to depend on php8.1 and revert those patches once we start the 8.2 migration?13:05
=== shokohsc69 is now known as shokohsc6
=== chris15 is now known as chris14
=== lord_black is now known as lord_daemon
brycehyep, in the situation we're in this release those can probably be ignored, unless they look like they have necessary changes, in which case yeah you can attempt to delta them to downgrade.  In the latter case I'd stage in a PPA in case the underlying source does actually need something in php8.2 to build or autopkgtest.17:54
=== chris14_ is now known as chris14
=== chris15 is now known as chris14

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!