Debian Setup WARP Network Interface

by

Install Application

apt install wireguard-tools resolvconf && curl -fsSL git.io/wgcf.sh | sudo bash

Registe WARP

wgcf register

If you have WARP+ Account
WGCF_LICENSE_KEY="123412341234" wgcf update

Generate Configuration

wgcf generate

Setup Configuration

cp wgcf-profile.conf /etc/wireguard/warp.conf
nano /etc/wireguard/warp.conf

1. Disable WireGuard Automatic Routing Table

[Interface]
...
Table = off
...

3. Default IPv4/IPv6 Routing Table

  • Mark All The Packets Passing Through The WARP Interface
    PostUP = wg set warp fwmark 51820
  • All Packets Marked 820 Are Forwarded To The WARP Routing Table 51820
    PostUP = ip -4 rule add fwmark 820 lookup 51820
    PostUP = ip -6 rule add fwmark 820 lookup 51820
  • IF the packet didn’t match any of the specific routes, then instead of applying the default route, we’re proceeding to the next rule.
    PostUP = ip -4 rule add table main suppress_prefixlength 0
    PostUP = ip -6 rule add table main suppress_prefixlength 0
  • Forward IPv6
    PostUP = ip -6 rule add not fwmark 51820 table 51820 prio 40000
  • Create WARP Routing Table 51820
    PostUP = ip -4 route add default dev warp table 51820
    PostUP = ip -6 route add default dev warp table 51820

4. Change DNS Resolver

DNS = 8.8.8.8,2001:4860:4860::8888,1.1.1.1

5. Change MTU Size

⚠️ MTU value bigger will Increase speed, but also cause problem in some application

MTU = 1350

6. NAT and Firewall Traversal Persistence [wireguard-quickstart]

⚠️ If You Behind NET Like Some AWS/Oracle Cloud Server

[Interface]
...
PersistentKeepalive = 25

7. Add Packet Scheduler To The Network

⚠️ May Cause Some Sideffect

[Interface]
...
PostUP = tc qdisc replace dev warp root fq

Example Configuration File

[Interface]
PrivateKey = ABsEBcMj78e8cvOX09m8W9p9LjcLwPZa8Y8gFnHnlHY=
Address = 172.16.0.2/32
Address = 2606:4700:110:8f8f:31ae:8e0:1332:e145/128
DNS = 8.8.8.8,2001:4860:4860::8888,1.1.1.1
MTU = 1350
Table = off
PostUP = tc qdisc replace dev warp root fq

# IPv4
PostUP = wg set warp fwmark 51820
PostUP = ip -4 rule add fwmark 820 lookup 51820
PostUP = ip -4 rule add table main suppress_prefixlength 0
PostDown = ip -4 rule delete fwmark 820 lookup 51820
PostDown = ip -4 rule delete table main suppress_prefixlength 0

# Ipv6
PostUP = ip -6 rule add fwmark 820 lookup 51820
PostUP = ip -6 rule add table main suppress_prefixlength 0
PostUP = ip -6 rule add not fwmark 51820 table 51820 prio 40000
PostUP = ip -6 route add default dev warp table 51820
PostDown = ip -6 rule delete fwmark 820 lookup 51820
PostDown = ip -6 rule delete not fwmark 51820 table 51820 prio 40000
PostDown = ip -6 rule delete table main suppress_prefixlength 0

[Peer]
PublicKey = bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=
AllowedIPs = 0.0.0.0/0
AllowedIPs = ::/0
Endpoint = 162.159.192.1:2408

Test Of Functioning

  • Star Conncection
    wg-quick up warp
  • Ping Network
    ping 1.1.1.1 -I warp
    ping6 2606:4700:4700::1111 -I warp
  • Stop Conncection
    wg-quick down warp

Registe As System Service

systemctl start wg-quick@warp
systemctl enable wg-quick@warp

Leave a Comment