search

EasyTier / EasyTier

A simple, decentralized mesh VPN with WireGuard support.
https://easytier.top
Apache License 2.0
441 stars 40 forks source link

My test results #139

Open Musixal opened 1 week ago

Musixal commented 1 week ago

I recently used this project. Unfortunately, there are problems that I will explain in the future. The first problem is the low bandwidth it provides. In the best case, the speed cannot be more than 400 Mbps on plain TCP. Do you have a solution? thank you

Musixal commented 1 week ago

The second problem is when the number of users and connections increases, in this case the latency increases greatly and the process needs to be restarted.

The third problem is in the connection between a server with public IP and a client behind NAT. In this case, the connection is unstable and according to the monitoring I did, the pings increase drastically and sometimes the connection is interrupted.

All these tests have been done and confirmed by more than 5 people.

Musixal commented 1 week ago

If I want to make a comparison with a reverse proxy like Rathole (of course, I know Rathole is not a mesh, but I use it to connect a server to a client behind NAT) Rathole has no problem in the connection above 20000 and keeps the tunnel stable without increasing the delay. But easytier does not provide secure tunnel in lower connections, maybe around 4000. I think adding options such as setting keep alive time interval will help to improve its performance.

KKRainbow commented 1 week ago

I recently used this project. Unfortunately, there are problems that I will explain in the future. The first problem is the low bandwidth it provides. In the best case, the speed cannot be more than 400 Mbps on plain TCP. Do you have a solution? thank you

could you provide these additional infomation:

  1. what device & OS did you use for test
  2. what args is used to launching easytier on your test nodes.
  3. what tools and what commands did you used to do this test. so i can reproduce your test result.

I've done some perf test before and looks good, maybe recent code changes lead to degraded perf

KKRainbow commented 1 week ago

The second problem is when the number of users and connections increases, in this case the latency increases greatly and the process needs to be restarted.

are these users are connected to same virtual net (which means network_name & secret is all same)。

currently all peers in one virtual net forms a full-connected network ( 2^n connection),and in this version the keepalive is very aggressive.

i have plan to optimize this in recent, with on-demand p2p and more smart keepalive strategy

The third problem is in the connection between a server with public IP and a client behind NAT. In this case, the connection is unstable and according to the monitoring I did, the pings increase drastically and sometimes the connection is interrupted.

i'll try this test. thanks a lot for your reporting

KKRainbow commented 1 week ago

If I want to make a comparison with a reverse proxy like Rathole (of course, I know Rathole is not a mesh, but I use it to connect a server to a client behind NAT) Rathole has no problem in the connection above 20000 and keeps the tunnel stable without increasing the delay. But easytier does not provide secure tunnel in lower connections, maybe around 4000. I think adding options such as setting keep alive time interval will help to improve its performance.

I'll try this too. I have not test for the large number of connections.

I'll work on these problems and hoping resolve these all in next release.

Musixal commented 1 week ago

I recently used this project. Unfortunately, there are problems that I will explain in the future. The first problem is the low bandwidth it provides. In the best case, the speed cannot be more than 400 Mbps on plain TCP. Do you have a solution? thank you

could you provide these additional infomation:

  1. what device & OS did you use for test
  2. what args is used to launching easytier on your test nodes.
  3. what tools and what commands did you used to do this test. so i can reproduce your test result.

I've done some perf test before and looks good, maybe recent code changes lead to degraded perf

All tests are taken on Ubuntu 22.04 with Xanmod kernel with 1 gig port. The results with the stock kernel are very low at 150Mb/s. It has been tested in all possible modes, both tcp and udp, and the maximum bandwidth of 400 Mb/s was obtained. Both IPv4 and IPv6 had the same results.

Musixal commented 1 week ago

The second problem is when the number of users and connections increases, in this case the latency increases greatly and the process needs to be restarted.

are these users are connected to same virtual net (which means network_name & secret is all same)。

currently all peers in one virtual net forms a full-connected network ( 2^n connection),and in this version the keepalive is very aggressive.

i have plan to optimize this in recent, with on-demand p2p and more smart keepalive strategy

The third problem is in the connection between a server with public IP and a client behind NAT. In this case, the connection is unstable and according to the monitoring I did, the pings increase drastically and sometimes the connection is interrupted.

i'll try this test. thanks a lot for your reporting

Yes, all clients connected to the same virtual net with same secret and network name.

It is interesting that some people who tested were not able to communicate even in TCP mode. I am researching what was the influencing factor. They may have done the wrong configuration. But I am almost sure about the unstable connection.

Musixal commented 1 week ago

If I want to make a comparison with a reverse proxy like Rathole (of course, I know Rathole is not a mesh, but I use it to connect a server to a client behind NAT) Rathole has no problem in the connection above 20000 and keeps the tunnel stable without increasing the delay. But easytier does not provide secure tunnel in lower connections, maybe around 4000. I think adding options such as setting keep alive time interval will help to improve its performance.

I'll try this too. I have not test for the large number of connections.

I'll work on these problems and hoping resolve these all in next release.

Maybe doing a benchmark test with Vegeta Attack is a good option to go.

Musixal commented 1 week ago

some results for iperf3 and monitoring attached.

Iperf3 in UDP mode iperf3

Ping in TCP mode increases drastically with increasing connections. After restarting easytier latency is ok.
ping1 ping2

KKRainbow commented 1 week ago

thanks for your tests and report. I'll try to resolve the stability & perfomance problems in this issue. https://github.com/EasyTier/EasyTier/issues/140

I'll also link related items to this issue.

KKRainbow commented 1 week ago

But easytier does not provide secure tunnel in lower connections, maybe around 4000. I think adding options such as setting keep alive time interval will help to improve its performance.

how is the connection counted. all p2p connections in one virtual network ?

as for only 254 peer in one virtual network, for one server max 254 conn would be established.

Musixal commented 1 week ago

But easytier does not provide secure tunnel in lower connections, maybe around 4000. I think adding options such as setting keep alive time interval will help to improve its performance.

how is the connection counted. all p2p connections in one virtual network ?

as for only 254 peer in one virtual network, for one server max 254 conn would be established.

For clarification, the internal network has been used as a secure tunnel, and xray core has managed the requests. For example, 100 users are connected to server A and tunneled to server B through the internal network created by easytier. In this scenario where the number of connections is high, easytier has not been stable and reliable.

KKRainbow commented 1 week ago

can i contact you with telegram.

my username: @kkrainbow_1