When I activate the Wireguard network on macOS to connect to my app’s machines hosted in JNB region, my public Internet stops working, as if all traffic is being routed through the VPN. AllowedIPs = fdaa:9:a7d3::/48 is set in the config to the Fly.io subnet. I. also can’t ping (ping6) any of my Fly machines,
I ran fly wireguard create and followed the steps to output a Wireguard config. I installed Wireguard and imported the config to Wireguard. When I activate the network, I can’t run any fly CLI commands or access the public Internet. When I deactivate it, I can access the public Internet again.
Is this an issue with the Wireguard config or with Wireguard on macOS?
Here is the Wireguard config with obfuscated PrivateKey:
I suspect the problem isn’t that your internet traffic is being routed via Fly’s WireGuard connection - but that your (internet) DNS requests are being sent via Fly WireGuard (DNS = fdaa:9:a7d3::3). No DNS = no internet. If for whatever reason your Fly WireGuard isn’t working - then neither will those DNS requests to Fly’s fdaa:9:a7d3::3 servers, as would also be the case if Fly had WireGuard DNS issues.
“I also can’t ping (ping6) any of my Fly machines” - are you pinging via the machine name/Fly Private Network FQDN (i.e. reliant on Fly DNS)? It may not be the ICMP/WireGuard itself that isn’t working - but DNS. Try a ping6 to the machine’s IPv6 IP.
If Fly (or your client) are having any DNS/DNS-over-WireGuard/WireGuard connectivity issues with fdaa:9:a7d3::3 - then your internet connectivity (read: DNS) may appear to be failing when connected to Fly WireGuard.