Hi,
I'm having random issues while on wireguard where requests to some sites simply stall until they time out. If I reload the pages often enough I will finally be able to get the response, although this happens randomly; currently I'm able to reproduce this issue every few requests. When the request doesn't hang, I've noticed that the loading of some sites like speedtest, github, etc. takes longer than usual (when compared with openvpn or with traffic without any additional encapsulation).
This only happens when traffic originating from any AppVM is routed through a NetVM that runs wireguard. When I use openvpn in the same NetVM everything works fine without any timeouts or delays. Everything also works perfectly fine on wireguard if the request originates from the NetVM where wireguard runs. The problem only happens when the NetVM runs wireguard and the traffic is routed from another AppVM.
Based on the packet captures I took, I can see that the TLS handshake for some sites stalls after the client hello is sent, and the connection then hangs until it times out.
I don't know what's tampering with the traffic, but it only happens with wireguard and only if traffic is routed from another AppVM to the NetVM that runs wireguard.
Any ideas what might be causing this erratic behavior?