From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 1DECD1FF14F for ; Wed, 17 Jun 2026 13:11:04 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4CF4D1FC6A; Wed, 17 Jun 2026 13:10:44 +0200 (CEST) From: Stefan Hanreich To: pve-devel@lists.proxmox.com Subject: [PATCH pve-docs 13/13] sdn: add documentation for wireguard status reporting Date: Wed, 17 Jun 2026 13:10:10 +0200 Message-ID: <20260617111012.312710-14-s.hanreich@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260617111012.312710-1-s.hanreich@proxmox.com> References: <20260617111012.312710-1-s.hanreich@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1781694569203 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.597 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: H6GZTWWHRLXRBDICJCEJTBETKHBMKKZM X-Message-ID-Hash: H6GZTWWHRLXRBDICJCEJTBETKHBMKKZM X-MailFrom: s.hanreich@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox VE development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Explains the content of the returned fields and how to interpret them, particularly how the status of an interface is determined. Signed-off-by: Stefan Hanreich --- pve-gui.adoc | 1 + pvesdn.adoc | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 65 insertions(+) diff --git a/pve-gui.adoc b/pve-gui.adoc index 3a99eaf..dce5e26 100644 --- a/pve-gui.adoc +++ b/pve-gui.adoc @@ -149,6 +149,7 @@ Line Height :: Specify the absolute height of a line. +[[gui_resource_tree]] Resource Tree ~~~~~~~~~~~~~ diff --git a/pvesdn.adoc b/pvesdn.adoc index a09a443..edcb539 100644 --- a/pvesdn.adoc +++ b/pvesdn.adoc @@ -957,6 +957,70 @@ Skip Route Generation:: The fabric will autogenerate routes in the kernel routing table for all allowed IPs of a peer. By setting this option, no routes will be inserted into the kernel routing table. + +[[pvesdn_fabric_status]] +Status Reporting +~~~~~~~~~~~~~~~~ + +Fabrics report their current status for informational and debugging purposes. It +can be accessed by clicking on the respective entry for the fabric in the +xref:gui_resource_tree[Resource Tree]. Depending on the protocol, different +metrics are reported. + + +[[pvesdn_fabric_status_wireguard]] +WireGuard +^^^^^^^^^ + +.Interfaces + +Provides information about the WireGuard interfaces of a specific node. The +following properties are available: + +Name:: The name of the network interface on the host. + +Type:: Interfaces are always of type 'wireguard'. + +State:: The SDN stack performs several checks to determine the state of the +interface. Possible states are: 'up', 'down', 'error'. An interface is up if the +kernel interface exists and has the `UP` flag set. Otherwise, if the interface +exists, but does not have the `UP` flag set, then it is considered 'down'. In +all other cases (e.g. interface does not exist on the node or has the wrong +type) the 'error' status is returned. + +Public Key:: The public key that can be used for communicating with the +WireGuard instance on this interface. + +Listen Port:: The port that can be used to reach this WireGuard instance. + +.Neighbors + +Provides information about the peers of all WireGuard interfaces on a specific +node. The following properties are available: + +Name:: The name of the node in the fabric configuration. Additionally contains +the name of the referenced interface in parentheses, if the node is in an +internal node. + +Neighbor:: The endpoint used to reach this peer (e.g. 192.0.2.0:51820). + +Interface:: The interface that has this neighbor configured. + +Public Key:: The public key of the neighbor. + +Allowed IPs:: A comma separated list of CIDRs. Those indicate the destination +IPs that are allowed when sending traffic to this neighbor. + +Latest Handshake:: When the latest handshake with this neighbor occurred. +Handshakes are exchanged every 180 seconds, *if* traffic is sent via this +WireGuard interface. If no traffic is sent, then also no handshake is exchanged. + +Bytes transmitted:: The amount of traffic that has been sent to this neighbor. + +Bytes received:: The amount of traffic that has been received from this +neighbor. + + [[pvesdn_config_route_filtering]] Prefix Lists and Route Maps --------------------------- -- 2.47.3