I install wireguard vpn on Ubuntu 20.04 on an AWS instance. Add a few clients. All works great. Clients using DNS 1.1.1.1.
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         ip-172-26-0-1.u 0.0.0.0         UG    100    0        0 eth0
172.26.0.0      0.0.0.0         255.255.240.0   U     0      0        0 eth0
ip-172-26-0-1.u 0.0.0.0         255.255.255.255 UH    100    0        0 eth0
192.168.xx.0    0.0.0.0         255.255.255.0   U     0      0        0 wg0
Reboot machine, check routes again and all good. Wireguard clients connect fine. All good.
Now add pihole to the same server and it breaks the routes. It appears to be a conflict between wireguard and pihole when it comes to setting up routes.
Initially adding pihole to the server and all is fine. Then reboot the server and the wg0 route is gone. Note, when installing pihole, the installer asks:
"Do you want to use your current network settings as a static address?" To this I say no and enter the address of the wg0 subnet from the output of this command: ip a show dev wg0
I bring wg down and back up to see if route returns. No wg0 route.
This route is gone:
192.168.xx.0 0.0.0.0 255.255.255.0 U 0 0 0 wg0
and without that route, wireguard breaks. It needs that route to work properly.
It's worth noting that I rebooted the server several times to test before installing pihole and on each reboot the wg0 route returned upon reboot.
It appears as if pihole is the culprit. What could pihole be doing to prevent the route from being added on reboot?
(As your post is in English, I recategorised it from Deutschsprachige Hilfe to Community Help.)
Pi-hole isn't concerned with routing, and it wouldn't touch routing tables at all.
Pi-hole installs dhcpcd5.
If you had statically provisioned your network interfaces with specific options (e.g. a specific gateway) via a different tool, you may have to adjust and reapply those with dhcpcd5.
But from your description, it seems you rely on DHCP to configure your interfaces, and that shouldn't make a difference.
If your Wireguard installation would depend on name resolution somehow, Pi-hole may interfere with that by blocking a domain requested by Wireguard.
I'm not sure whether that would prevent Wireguard's service from starting at all (edit: and it certainly wouldn't touch routes).
Pi-hole also adds itself as a service, so may change the startup sequence in a way that Wireguard's service disagrees with (though I haven't experienced (any of) this with my own Wireguard installation).
Again, I don't think that this could stop a manual restart of Wireguard (edit: or stop Wireguard from adding its routes).
If you did configure Wireguard through some third-party tools, you may want to consider their support as well.
I believe you misunderstood or I didn't articulate the issue correctly. After rebooting the server, wireguard does start and ifconfig shows the wg0 interface is up with a valid IP address. The issue is that upon the first reboot of the server, the wg0 route is gone, which breaks wireguard.
Again, I tested by first installing wireguard, adding a few client configs. Then rebooting several times. Each time the wg0 route is there. I then install pihole. All is fine and works great. wg0 route is there until I reboot the server. After first reboot, wireguard starts as confirmed with sudo wg. Also ifconfig confirms wg0 interface up with IP address. Then route displays routes and the wg0 route is gone. Just see the 3 eth0 routes.
Somehow pihole is causing the route to disappear upon reboot. What could it be doing? There appears to be a conflict of some sort. Spent hours trying to figure it out without any luck, hence posting here. Devs, please chime in and help.
Since Wireguard would delete its corresponding routes if its interface is brought down or cannot be brought up, I was assuming wg0 wasn't up.
I've edited my answer to better reflect missing routes.
Even if it is in your case, my answer still applies:
Pi-hole doesn't touch routing tables at all.
dhcpcd5 may have changed your network configuration if you had specifically provisioned your network via other tools before, e.g. with specific gateways. If you've just been using DHCP, there shouldn't be any differences.
As I first rebooted a few times before installing pihole and the wg0 route always returned, it appears that pihole is somehow causing the route to disappear on reboot.
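The symptom discussed in this thread (wg0 is up with an address, but its subnet route is missing after reboot) can be checked mechanically. The following is an added example, not part of any post in the thread: it compares the subnets implied by interface addresses with the routes actually present. The sample text is constructed, 192.168.50.0/24 is a placeholder for the redacted 192.168.xx.0 subnet, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample text in the format of `ip -o -4 addr show` (tail of each
# line trimmed) and `ip -4 route show`; 192.168.50.0/24 is a placeholder subnet.
ADDRS = """\
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 172.26.0.10/20 brd 172.26.15.255 scope global dynamic eth0
4: wg0    inet 192.168.50.1/24 scope global wg0
"""
ROUTES_BROKEN = """\
default via 172.26.0.1 dev eth0 proto dhcp src 172.26.0.10 metric 100
172.26.0.0/20 dev eth0 proto kernel scope link src 172.26.0.10
172.26.0.1 dev eth0 proto dhcp scope link src 172.26.0.10 metric 100
"""
ROUTES_HEALTHY = ROUTES_BROKEN + (
    "192.168.50.0/24 dev wg0 proto kernel scope link src 192.168.50.1\n")

ADDR_RE = re.compile(r"^\d+:\s+(\S+)\s+inet\s+(\S+)", re.M)

def connected_networks(addr_text):
    """Map interface -> subnets its IPv4 addresses should produce routes for."""
    nets = {}
    for iface, cidr in ADDR_RE.findall(addr_text):
        net = ipaddress.ip_interface(cidr).network
        # Loopback and /32 addresses get no link route in the main table.
        if iface == "lo" or net.prefixlen == 32:
            continue
        nets.setdefault(iface, set()).add(net)
    return nets

def routed_networks(route_text):
    """Map interface -> destination prefixes present in the routing table."""
    nets = {}
    for line in route_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] == "default" or "dev" not in fields:
            continue
        iface = fields[fields.index("dev") + 1]
        nets.setdefault(iface, set()).add(ipaddress.ip_network(fields[0], strict=False))
    return nets

def missing_routes(addr_text, route_text):
    """Return (interface, subnet) pairs that have an address but no route."""
    have = routed_networks(route_text)
    return [(iface, str(net))
            for iface, nets in sorted(connected_networks(addr_text).items())
            for net in sorted(nets) if net not in have.get(iface, set())]

if __name__ == "__main__":
    print(missing_routes(ADDRS, ROUTES_BROKEN))
```

Running the same comparison on output captured before and after a reboot shows whether the route is lost while the interface address survives.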