wg-quick fails with: Failed to resolve interface "tun": No such device

Hello and thank you for taking the time to report a bug.

It is not clear from your description what the problem might be. It seems like you're not using systemd-resolved as your resolver, is that correct?

I tried configuring wireguard in a system with and without systemd-resolved active. When systemd-resolved is running, wireguard can successfully adjust /etc/resolv.conf (assuming that there's a DNS entry in the wireguard configuration file). If you choose to disable systemd-resolved and write your own /etc/resolv.conf, you will need to manually invoke the commands to adjust the file yourself. You should also see a warning like this:

[#] resolvconf -a tun.mul -m 0 -x
/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf

But what you're seeing is different: it seems like your kernel doesn't have the tun interface setup.

Could you please paste the contents of your wireguard configuration file (taking care to remove any sensitive data)?

For what it's worth, we also have an extensive guide explaining how to set up wireguard:

https://ubuntu.com/server/docs/wireguard-vpn-introduction

I am marking this bug as Incomplete for now while we wait for more info from your side. Feel free to mark it as New again when you provide the requested data. Thanks.

Hello, thank you so much for your response and for your kind investigation!

The issue gets really weird. I have two laptops, both upgraded to Ubuntu 22.10; wg-quick works on one while fails on another. On both devices I can see that resolv.conf is a symlink:

~> ls -la /etc/resolv.conf
lrwxrwxrwx 1 root root 39 loka 11 19:52 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf

The systemd-resolved is running correctly on both laptops:

~> systemctl status systemd-resolved.service
● systemd-resolved.service - Network Name Resolution
     Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; preset: enabled)
     Active: active (running) since Fri 2022-10-14 08:33:22 EEST; 6min ago

Both laptops are running the original kernel from Ubuntu - I haven't compiled kernel from sources in ages :-) . Both laptops have been upgraded from Ubuntu 22.04, however the upgrade was performed at different times. Both machines are running 5.19.0-19-generic kernel.

I just noticed a difference though: one laptop reports that there is a residual config for resolvconf. Let me try to purge the config & reboot.

That helped! Running `sudo apt purge resolvconf` and rebooting fixed the issue - now wg-quick is able to start `mycfg` just fine.

Thanks again for your precious time, I'm sorry I haven't figured it out sooner.

I'm unsure whether I should close this bug as WON'TFIX, or perhaps you'd like to make sure to purge resolvconf during the upgrade to new Ubuntu... I'll set the status of this ticket to NEW and leave the decision up to you guys :)

Hi Martin,

Happy to hear things are working properly. I'm uncertain about the idea of purging resolvconf; if there is a known problem caused by the presence of another package we may want to add a Conflicts or Breaks to the debian/rules, however before doing that we'd want to know more specifically what steps reproduce the problem. However, sounds like you're fine to leave it at this point, so since this seems more an issue with a local configuration than a reproducible defect, I'll mark the bug invalid.

Feel free to reopen if this still seems to be an issue for anyone.

Hi everyone
I faced with the same issue. I updated to kubuntu 22.10 and this issue also appeared. Currently, I have the latest packages installed.

I am using wg-quck to connect to vpn like this:

➜ sudo wg-quick up wg1vlad
[sudo] password for nikel:
[#] ip link add wg1vlad type wireguard
[#] wg setconf wg1vlad /dev/fd/63
[#] ip -4 address add 10.8.0.13/24 dev wg1vlad
[#] ip link set mtu 1420 up dev wg1vlad
[#] resolvconf -a tun.wg1vlad -m 0 -x
Failed to resolve interface "tun": No such device
[#] ip link delete dev wg1vlad

my config looks like this:

❯ cat wg1vlad.conf
[Interface]
PrivateKey = jhhfcgvhbjnkmlmjnhbgvfdxcgvhbjn
Address = 10.8.0.13/24
DNS = 10.2.0.100

[Peer]
PublicKey = bvgvcfxdcgvhbjnkjhgfgjkljh
PresharedKey = dfghjkhgfhjkljhgjkl
AllowedIPs = 10.8.0.0/24, 0.0.0.0/0, ::/0
PersistentKeepalive = 0
Endpoint = 123.123.132.132:51820

❯ ll /usr/bin/ | grep resolvectl
-rwxr-xr-x 1 root root 133664 Oct 11 18:51 resolvectl*

❯ ll /usr/sbin/ | grep resolvconf
lrwxrwxrwx 1 root root 19 Nov 13 00:11 resolvconf -> /usr/bin/resolvectl*

Before update, it worked just fine

There is one workaround on the internet: remove or comment DNS line in the config

It works, but only in half. With such removing, you can connect to internet, and you will have IP of your server. But you will not be able to connect to other peers inside your network.

Still under the workarounds umbrella, instead of using:

DNS = <ip>

Try this under [Interface] instead:

PostUp = resolvectl dns %i <ip>

(if you already have a PostUp, just add another one)

That will configure the wireguard interface to use the specified <ip> as the DNS server for that interface. You can also add a domain search if you want:

PostUp = resolvectl dns %i <ip>; resolvectl domain %i \~domain

(replace "domain" with the actual domain suffix you want searched, but keep the "\~")

Thanks, it helped!

By the way, do I need to set up PostDown for this?

> By the way, do I need to set up PostDown for this?

No, because the wireguard interface (to which this config is attached) will be gone then.