Edit 2: Fixed! Thanks to @just_another_person@lemmy.world for this github issue link.
The solution is in the last comment suggesting to set ManageForeignRoutingPolicyRules=no in /etc/systemd/networkd.conf
Original post is below…
So I’ve got something I don’t quite know how to find a solution for and I’m hoping this lovely community can help!
I’ve been experimenting with Arch (btw) with Hyprland to learn more about the install process, and linux in general, and to see if I like tiling window managers (I do).
I’ve installed this on a thinkpad I use for tinkering/learning, and the problem I’m encountering is that when I open up the laptop and the system resumes from suspend, the VPN connection is active, but broken, or maybe leaky.
What I mean by that is prior to suspending, with the vpn connection active, if I run curl ip.me, the result is the vpn server ip, which is the expected behavior.
After resuming from suspend, when I run curl ip.me, I get my naked home ip instead of the vpn ip.
At first I thought I was losing the vpn connection, but when I check the status with sudo wg, it will show the vpn connection is still active, like so:
interface: wg0
  public key: pubkeyhere
  private key: (hidden)
  listening port: 38014
  fwmark: 0xca6c

peer: peer here
  endpoint: ip.endpoint.here:51820
  allowed ips: 0.0.0.0/0
  latest handshake: 7 seconds ago
  transfer: 8.07 KiB received, 3.77 KiB sent
I’ve tried searching for this to figure out what’s happening, and I’m not finding anything, likely because I don’t know how to properly query for results.
What I’ve been doing is just manually running an alias on resume that brings the vpn connection down, and then back up again with:
sudo wg-quick down wg0 && sleep 2 && sudo wg-quick up wg0
I’ve tried different variations on a script placed in /usr/lib/systemd/system-sleep to no avail. I have verified that the script is running properly. I tested first with echo "sometext" > ~/somefile for both pre and post and the script is executed on suspend and again on resume.
Script example:
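#!/usr/bin/bash
# systemd-sleep hook: $1 is "pre" or "post", $2 is the sleep action
case $1/$2 in
    pre/*)
        ;;
    post/*)
        # after resume: bring the tunnel down and back up
        sleep 2
        /usr/bin/wg-quick down wg0
        sleep 2
        /usr/bin/wg-quick up wg0
        ;;
esac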
Despite this script executing what is essentially the same command as my alias on resume, my home ip is what results from running curl ip.me.
Other details that may or may not be relevant.
I’ve got a wg-quick@wg0.service systemd service that runs on startup to connect to the vpn.
System is Arch with Hyprland, iwctl to manage the wifi connection. I’m not using hyprlock. When I close the laptop it suspends the session, and when I open it back up it just resumes it, no lock screen or password needed.
I don’t really understand what’s going on here, and I haven’t been able to find any information that helps me figure out what’s happening or how to address it. Any help would be greatly appreciated!
Edit: just wanted to add that I’ve also looked through journalctl and I haven’t found anything useful (to me) there.
Systemd strikes again. Wheeeeeeeee
did you maybe also lose the routes set up through it?
That seems to be exactly the issue based on the github link that @just_another_person@lemmy.world shared in their comment.
That link provided the solution. Thank you again!!!
Thank you for that link! That was very informative. I’m going to start by trying this as suggested by the last comment in that thread.
please use ManageForeignRoutingPolicyRules=no in /etc/systemd/networkd.conf.
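Added example (not written by any poster in this thread and not taken from the linked issue): a check for the state described in the original post, where sudo wg shows a fresh handshake but traffic leaves outside the tunnel. It assumes the two routing policy rules wg-quick normally installs for a 0.0.0.0/0 peer; the function and sample names are hypothetical and the sample ip rule output is constructed.

```shell
#!/bin/sh
# Added example. wg-quick sends a 0.0.0.0/0 peer through the tunnel with two
# routing policy rules; the WireGuard interface itself can stay up and keep
# handshaking without them, which matches the `sudo wg` output in the post.

# check_wg_rules FWMARK   (reads `ip rule show` output on stdin)
# Returns 0 if both rules exist, 1 if any is missing, 2 if FWMARK is not a number.
check_wg_rules() {
    # Normalise 0xCA6C / 51820 to the lowercase hex form iproute2 prints.
    mark=$(printf '0x%x' "$1" 2>/dev/null) || return 2
    rules=$(cat)
    status=0
    if ! printf '%s\n' "$rules" | grep -q "not from all fwmark $mark lookup "; then
        echo "MISSING: not from all fwmark $mark lookup <table>"
        status=1
    fi
    if ! printf '%s\n' "$rules" | grep -q 'lookup main suppress_prefixlength 0'; then
        echo "MISSING: from all lookup main suppress_prefixlength 0"
        status=1
    fi
    if [ "$status" -eq 0 ]; then
        echo "OK: policy rules for fwmark $mark are present"
    fi
    return "$status"
}

# Constructed `ip rule show` output, not captured from the poster's machine.
sample_before_suspend() { cat <<'EOF'
0: from all lookup local
32764: from all lookup main suppress_prefixlength 0
32765: not from all fwmark 0xca6c lookup 51820
32766: from all lookup main
32767: from all lookup default
EOF
}
sample_after_resume() { cat <<'EOF'
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
EOF
}

echo "before suspend:"; sample_before_suspend | check_wg_rules 0xca6c || true
echo "after resume:";   sample_after_resume   | check_wg_rules 0xca6c || true

# On a live system (as root):
#   ip rule show | check_wg_rules "$(wg show wg0 fwmark)"
```

If the rules are missing while sudo wg still shows a recent handshake, the ManageForeignRoutingPolicyRules=no setting quoted above is the relevant fix; the option belongs in the [Network] section of /etc/systemd/networkd.conf.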
@harsh3466 I had exactly the same with TuxedoOS last year.
This is one of the reasons I always disable hibernation in all distros I install. And I’m actually fine with it. You get used to it pretty quickly.
I was considering the same before I made this post. Just shutting down when I’m done, or, just living with my alias.
Do you do this on a laptop as well? If so, is it just live while closed?
@harsh3466 most discussions I have seen say Linux and hibernation is not up to par yet with Windows. I would give it a couple of years and reevaluate.
I’ve made a habit of shutting down my laptop every night. Windows or Linux. Performs much better. I have changed the settings and the laptop shuts down when I close the lid. I love it, close the lid and go
I’ve read the same, but in setting up this laptop I wanted to give it a go. So far the solution provided by @just_another_person@lemmy.world is working. It’s coming up with the vpn routing intact now that I adjusted networkd.conf.
If I hadn’t found a solution I was prepared to go your route, though I didn’t even think of setting it up so closing the lid would shut it down. That’s great!
@harsh3466 I’m talking about the hibernation + VPN scenario
Hibernation works just fine. Complex partitioning schemes don’t allow it to work in a secure manner in most cases though. Disk encryption causes issues, for example.