Ysurac / openmptcprouter

OpenMPTCProuter is an open source solution to aggregate multiple internet connections using Multipath TCP (MPTCP) on OpenWrt
https://www.openmptcprouter.com/
GNU General Public License v3.0
1.81k stars, 258 forks

OMR-Bypass ignored for UDP traffic when enabling V2Ray/XRay UDP #3535

Open andrewmackrodt opened 2 weeks ago

andrewmackrodt commented 2 weeks ago

Expected Behavior

OMR-Bypass is respected for UDP traffic when using V2Ray/Xray proxy and Enable V2Ray/XRay UDP.

Current Behavior

UDP traffic ignores OMR-Bypass and is transmitted using the VPN.

Steps to Reproduce the Problem

Note: the instructions below are for testing using HTTP/3 (QUIC) but the same behaviour has been tested by running tcpdump on a non-OMR VPS and sending a UDP packet using nc -v -u -z -w 3 <ip> <port> from a client where the MAC address is in the OMR-Bypass list.

  1. Disable Firewall - Traffic Rules for Block QUIC Proxy and Block QUIC All
  2. Set proxy type to XRAY VLESS
  3. Enable V2Ray/XRay UDP under advanced settings
  4. Add an IP/Mac OMR-Bypass rule for the test computer, set it to use WAN1, save and apply
  5. Wait a few seconds for the rule to be applied, e.g. curl ifconfig.co should show WAN IP
  6. Once new IP is confirmed, use an HTTP/3 supporting browser (e.g. Chrome or Edge) and visit https://www.whatismyip.com/ - you may need to refresh after the first visit. The second and subsequent requests should be made using HTTP/3 (QUIC/UDP) and you will see the OMR VPN IP address. If this cannot be reproduced, refer to step 1 to ensure the router is not blocking QUIC, and open the network tab under developer tools, ensure protocol column is visible and check that the request is made with h3.

Context (Environment)

I find UDP over V2Ray to give better bandwidth (maybe latency too) versus using the VPN where Glorytun TCP is the only one to work reliably e.g. when a client computer connects to a UDP based OpenVPN server or Wireguard.

I have various OMR-Bypass rules for things like Netflix or selective device rules, e.g. before I stream from Xbox Cloud. In the latter case, UDP is essential and disabling QUIC as a traffic rule would not work as a workaround.

For now I have disabled Enable V2Ray/XRay UDP so that UDP traffic is sent using Glorytun TCP but crucially, OMR-Bypass rules work as expected.

Specifications

Note: I am using the v0.61 rc from a few days ago, I'm not sure if this also affects the latest stable release.
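Added example, not part of the original issue or of the OpenMPTCProuter project: a small UDP reflector and client that automate the tcpdump/nc check mentioned in the reproduction note, by reporting which source IP a remote host actually sees for a UDP probe. The function names, result strings and the 203.0.113.10 address are assumptions made for illustration; the built-in demo runs over loopback, while a real check would run the reflector on a non-OMR VPS and the client on the bypassed machine.

```python
import socket
import threading


def serve_reflector(sock, count=1):
    """Reply to each datagram with the source IP:port the server observed."""
    for _ in range(count):
        _, peer = sock.recvfrom(64)
        sock.sendto(f"{peer[0]}:{peer[1]}".encode(), peer)


def observed_udp_source(server, timeout=3.0):
    """Send one probe; return the source IP the reflector saw, or None on timeout."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(b"probe", server)
        try:
            data, _ = s.recvfrom(64)
        except socket.timeout:
            return None
    # Reply format is "ip:port"; only the IP identifies the egress path.
    return data.decode().rsplit(":", 1)[0]


def check_bypass(server, expected_wan_ip, timeout=3.0):
    """Compare the IP seen by the reflector with the WAN IP the bypass rule should use."""
    seen = observed_udp_source(server, timeout)
    if seen is None:
        return "no-reply"
    if seen == expected_wan_ip:
        return "bypass-respected"
    return f"bypass-ignored:{seen}"


def demo():
    """Loopback run: the reflector always sees 127.0.0.1 as the source."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    worker = threading.Thread(target=serve_reflector, args=(srv, 2), daemon=True)
    worker.start()
    addr = srv.getsockname()
    # 203.0.113.10 is a constructed documentation address standing in for a WAN IP.
    results = (check_bypass(addr, "127.0.0.1"), check_bypass(addr, "203.0.113.10"))
    worker.join(2)
    srv.close()
    return results


if __name__ == "__main__":
    print(demo())
```

Comparing the result with the TCP-side check from step 5 (curl ifconfig.co) shows whether UDP and TCP from the same bypassed client leave through the same WAN.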

kevinh-csalabs commented 1 week ago

I'm experiencing omr-bypass issues as well on this build.