omr-tracker problem

[rstanislav]

When connections lost, and for example only 1 available i see in log: Sun Sep 9 23:00:43 2018 daemon.info omr-tracker-ss: Shadowsocks is up (can contact 173.194.73.101) Sun Sep 9 23:00:46 2018 user.notice post-tracking-post-tracking: omrvpn down. Replace default route by 192.168.164.1 dev eth2 Sun Sep 9 23:00:46 2018 user.notice post-tracking-post-tracking: omrvpn down because gateway down Sun Sep 9 23:00:46 2018 user.notice post-tracking-post-tracking: Tunnel down use ShadowSocks for UDP

But UDP for shadowsocks disabled as in default settings..

Also as i noticed same server as master server for shadowsocks and VPN can't be used by OMR tracker for tests right ? omr always reports that "Shadowsocks is down (can't contact (ip hidden for privacy reasons))" (but there is web server on port 80 that answers 200 ok status with html page with body "ok".

Also - omr tracker uses all configured remote ip addresses to test at 1 after another if first ip test failed right ?

And sorry for some many (many stupid) questions - but what dns servers are used ? Some of main problem of mptcp is dns queries from what i have learned in using mptcp in past - dnsmasq can do concurrent queues to multiple servers and answer to client from first server its get answer (this option)

All Servers

Query all available upstream DNS servers

is it possible to change config so there is list of defined dns servers for each WAN interface(by using route table) and as result dnsmasq will try to query all of them at same time thru different WAN's + ovpntunnel and in if it gets answer from any of them it will answer to client, because currently it tries to get answer from unbound dns service from what i understand, but if omrtracker is not detecting wan link downs fast enough it can result in failed requests and client will see this as failed connection, but in case of scheme i described above it will get dns resolved and even if omrtracker reacted not fast enough browser will wait (because it got dns resolved and before showing that page load failed it tries to connect few times) and when omrtracker changed connection path to tunnel/shadowsocks/direct connection over working WAN interface user will see only slow delay in page load, instead of completely failure.

[Ysurac]

• When VPN is down, ShadowSocks is used for UDP by default. At least if hi2 ss-redir client is configured in mode "tcp and udp". I don't understand what issue you have here.

• True. OMR server can't be used for tracker.

• True, all ips configured are used for test 1 after 1.

• Root DNS servers are used. MPTCP don't care about DNS, because many DNS queries are over UDP and not TCP, it's why a TCP VPN is used for UDP by default. I will not use WAN defined DNS because each user would need to know them, and ISP often hijacks DNS.

[rstanislav]

I don't understand why use shadowsocks for UDP if tunnel is down - shadowsocks will also use UDP to server to redirect this connection(so it will not utilize MPTCP) and so will work only via currently active WAN set as default gateway, why not just use active WAN that is set as default gateway?

About DNS - i was talking not about WAN dns, but about possibility to set custom DNS in each WAN configuration (additional option/list under MPTCP mode in advanced settings for example) - so for these DNS servers openmptcprouter adds static route only via this each specific WAN to these servers, as a result dnsmasq configured with option "All Servers" for requests will try to query them all at same time(in parallel)(it will query unbound local dns caching service and also all these custom servers) for each dns request and will answer to user as soon as any of them answers.(i'm talking about dnsmasq only because i know for sure it will do requests to all these servers in parallel(concurrent), unbound from what i know dont work this way, it can detect that upstream server is down and use another, but in case of this project where mptcp used not only for aggregation but also for fast switching between working WANs fast answer to dns query is very important) I know that DNS is using UDP and thats main problem - if omrtracker not detected link down fast enough DNS query over tcp tunnel (glorytun/openvpn etc...) or via direct wan connection if tunnel is down will fail(because in case of vpn tunnel down it will use only 1 WAN currently active as main with default route via it) and as result query can fail.

With this change if atleast 1 WAN is working and no matter of how omrtracker works DNS request will be successful and will result in more "smooth" user experience (as i said before for example browser and many other programs/services often tries to connect multiple times to server but only in case if DNS request was successful).

For me its a bit hard to explain, my english is bad :(

I know this is additional work and not so many people will use it, but i can try to do it myself, in this case will you accept pull request ?

[Ysurac]

• It use ShadowSocks to get the same UDP IP output address as TCP.

• Can be a choice, but ISP can see all DNS traffic then... I always accept good pull request with accepted CLA (Contributor License Agreement). But this will be not so easy to add, you have to play with route, iptables mark and ip rule.