diff --git a/Cargo.lock b/Cargo.lock
index d8ea4ca..418c870 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -17,6 +17,17 @@ version = "1.0.58"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bb07d2053ccdbe10e2af2995a2f116c1330396493dc1269f6a91d0ae82e19704"
 
+[[package]]
+name = "async-recursion"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2cda8f4bcc10624c4e85bc66b3f452cca98cfa5ca002dc83a16aad2367641bea"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
 [[package]]
 name = "async-trait"
 version = "0.1.56"
@@ -420,15 +431,16 @@ dependencies = [
 
 [[package]]
 name = "once_cell"
-version = "1.12.0"
+version = "1.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7709cef83f0c1f58f666e746a08b21e0085f7440fa6a29cc194d68aac97a4225"
+checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1"
 
 [[package]]
 name = "onetun"
 version = "0.3.3"
 dependencies = [
  "anyhow",
+ "async-recursion",
  "async-trait",
  "boringtun",
  "clap",
@@ -440,6 +452,7 @@ dependencies = [
  "rand",
  "smoltcp",
  "tokio",
+ "tracing",
 ]
 
 [[package]]
@@ -690,18 +703,18 @@ dependencies = [
 
 [[package]]
 name = "thiserror"
-version = "1.0.31"
+version = "1.0.35"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bd829fe32373d27f76265620b5309d0340cb8550f523c1dda251d6298069069a"
+checksum = "c53f98874615aea268107765aa1ed8f6116782501d18e53d08b471733bea6c85"
 dependencies = [
  "thiserror-impl",
 ]
 
 [[package]]
 name = "thiserror-impl"
-version = "1.0.31"
+version = "1.0.35"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0396bc89e626244658bef819e22d0cc459e795a5ebe878e6ec336d1674a8d79a"
+checksum = "f8b463991b4eab2d801e724172285ec4195c650e8ec79b149e6c2a8e6dd3f783"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -710,10 +723,11 @@ dependencies = [
 
 [[package]]
 name = "tokio"
-version = "1.19.2"
+version = "1.21.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c51a52ed6686dd62c320f9b89299e9dfb46f730c7a48e635c19f21d116cb1439"
+checksum = "0020c875007ad96677dcc890298f4b942882c5d4eb7cc8f439fc3bf813dc9c95"
 dependencies = [
+ "autocfg",
  "bytes",
  "libc",
  "memchr",
@@ -739,11 +753,12 @@ dependencies = [
 
 [[package]]
 name = "tracing"
-version = "0.1.35"
+version = "0.1.36"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a400e31aa60b9d44a52a8ee0343b5b18566b03a8321e0d321f695cf56e940160"
+checksum = "2fce9567bd60a67d08a16488756721ba392f24f29006402881e43b19aac64307"
 dependencies = [
  "cfg-if",
+ "log",
  "pin-project-lite",
  "tracing-attributes",
  "tracing-core",
@@ -751,9 +766,9 @@ dependencies = [
 
 [[package]]
 name = "tracing-attributes"
-version = "0.1.21"
+version = "0.1.22"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cc6b8ad3567499f98a1db7a752b07a7c8c7c7c34c332ec00effb2b0027974b7c"
+checksum = "11c75893af559bc8e10716548bdef5cb2b983f8e637db9d0e15126b61b484ee2"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -762,9 +777,9 @@ dependencies = [
 
 [[package]]
 name = "tracing-core"
-version = "0.1.28"
+version = "0.1.29"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7b7358be39f2f274f322d2aaed611acc57f382e8eb1e5b48cb9ae30933495ce7"
+checksum = "5aeea4303076558a00714b823f9ad67d58a3bbda1df83d8827d21193156e22f7"
 dependencies = [
  "once_cell",
 ]
diff --git a/Cargo.toml b/Cargo.toml
index 59ce18f..c378155 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -21,10 +21,13 @@ nom = "7"
 async-trait = "0.1.51"
 priority-queue = "1.2.0"
 smoltcp = { version = "0.8.0", default-features = false, features = ["std", "log", "medium-ip", "proto-ipv4", "proto-ipv6", "socket-udp", "socket-tcp"] }
+# forward boringtuns tracing events to log
+tracing = { version = "0.1.36", default-features = false, features = ["log"] }
 
 # bin-only dependencies
 clap = { version = "2.33", default-features = false, features = ["suggestions"], optional = true }
 pretty_env_logger = { version = "0.4", optional = true }
+async-recursion = "1.0.0"
 
 [features]
 pcap = []
diff --git a/src/wg.rs b/src/wg.rs
index 2bacc22..18ef7d5 100644
--- a/src/wg.rs
+++ b/src/wg.rs
@@ -3,6 +3,8 @@ use std::time::Duration;
 
 use crate::Bus;
 use anyhow::Context;
+use async_recursion::async_recursion;
+use boringtun::noise::errors::WireGuardError;
 use boringtun::noise::{Tunn, TunnResult};
 use log::Level;
 use smoltcp::wire::{IpProtocol, IpVersion, Ipv4Packet, Ipv6Packet};
@@ -102,39 +104,53 @@ impl WireGuardTunnel {
 
         loop {
             let mut send_buf = [0u8; MAX_PACKET];
-            match self.peer.update_timers(&mut send_buf) {
-                TunnResult::WriteToNetwork(packet) => {
-                    debug!(
-                        "Sending routine packet of {} bytes to WireGuard endpoint",
-                        packet.len()
-                    );
-                    match self.udp.send_to(packet, self.endpoint).await {
-                        Ok(_) => {}
-                        Err(e) => {
-                            error!(
-                                "Failed to send routine packet to WireGuard endpoint: {:?}",
-                                e
-                            );
-                        }
-                    };
-                }
-                TunnResult::Err(e) => {
-                    error!(
-                        "Failed to prepare routine packet for WireGuard endpoint: {:?}",
-                        e
-                    );
-                }
-                TunnResult::Done => {
-                    // Sleep for a bit
-                    tokio::time::sleep(Duration::from_millis(1)).await;
-                }
-                other => {
-                    warn!("Unexpected WireGuard routine task state: {:?}", other);
-                }
-            }
+            let tun_result = self.peer.update_timers(&mut send_buf);
+            self.handle_routine_tun_result(tun_result).await;
         }
     }
 
+    #[async_recursion]
+    async fn handle_routine_tun_result<'a: 'async_recursion>(&self, result: TunnResult<'a>) -> () {
+        match result {
+            TunnResult::WriteToNetwork(packet) => {
+                debug!(
+                    "Sending routine packet of {} bytes to WireGuard endpoint",
+                    packet.len()
+                );
+                match self.udp.send_to(packet, self.endpoint).await {
+                    Ok(_) => {}
+                    Err(e) => {
+                        error!(
+                            "Failed to send routine packet to WireGuard endpoint: {:?}",
+                            e
+                        );
+                    }
+                };
+            }
+            TunnResult::Err(WireGuardError::ConnectionExpired) => {
+                warn!("Wireguard handshake has expired!");
+
+                let mut buf = vec![0u8; MAX_PACKET];
+                let result = self.peer.format_handshake_initiation(&mut buf[..], false);
+
+                self.handle_routine_tun_result(result).await
+            }
+            TunnResult::Err(e) => {
+                error!(
+                    "Failed to prepare routine packet for WireGuard endpoint: {:?}",
+                    e
+                );
+            }
+            TunnResult::Done => {
+                // Sleep for a bit
+                tokio::time::sleep(Duration::from_millis(1)).await;
+            }
+            other => {
+                warn!("Unexpected WireGuard routine task state: {:?}", other);
+            }
+        };
+    }
+
     /// WireGuard consumption task. Receives encrypted packets from the WireGuard endpoint,
     /// decapsulates them, and dispatches newly received IP packets.
     pub async fn consume_task(&self) -> ! {