Bug 212997

Summary: /proc/net/dev: netns default route via wireguard no longer counted
Product: Networking Reporter: Steffen Nurpmeso (steffen)
Component: OtherAssignee: Stephen Hemminger (stephen)
Status: RESOLVED OBSOLETE    
Severity: normal    
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 5.10.33 Subsystem:
Regression: No Bisected commit-id:

Description Steffen Nurpmeso 2021-05-08 16:23:48 UTC 
Despite 212317 i am "now" seeing another problem which i am pretty sure was not there "a few weeks ago".  In a box started via

  ip netns exec secweb /usr/bin/env -i TERM=screen-256color /usr/bin/unshare --ipc --uts --pid --fork --mount --mount-proc --kill-child --root=/tmp/ports-2BiE7A/root /init

where secweb is a namespaced with routes

  default dev wgsewe scope link
  10.4.0.8/30 dev secweb_peer proto kernel scope link src 10.4.0.10
  10.4.0.9 dev secweb_peer scope link
  10.5.4.0/22 dev wgsewe proto kernel scope link src 10.5.4.2

(where 10.4.0.9 is veth to main namespace, and a local dnsmasq cache is listening to provide DNS, nothing else is possible) aka

11: secweb_peer@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 2e:5d:78:06:bf:94 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.4.0.10/30 brd 10.4.0.11 scope global secweb_peer
       valid_lft forever preferred_lft forever
    inet6 fe80::2c5d:78ff:fe06:bf94/64 scope link
       valid_lft forever preferred_lft forever
13: wgsewe: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.5.4.2/22 scope global wgsewe
       valid_lft forever preferred_lft forever

the /proc/net/dev counters of secweb no longer count any traffic routed via wgsewe, only the DNS traffic via 10.4.0.9:

secweb:   29157     382    0    0    0     0          0         0    42301     308    0    0    0     0       0          0

whereas we see
=== WG wgsewe@secweb ===
interface: wgsewe
...
  allowed ips: 0.0.0.0/0
  latest handshake: 7 seconds ago
  transfer: 218.64 MiB received, 7.50 MiB sent
Comment 1 Steffen Nurpmeso 2021-06-01 23:35:54 UTC 
Well with 5.10.41 i again see the netns counter increasing even with wireguard default route.

Thanks!!