basil00 / Divert

WinDivert: Windows Packet Divert
https://reqrypt.org/windivert.html

Ethernet / Data Link Layer Support #326

Open fvaneijk opened 1 year ago

fvaneijk commented 1 year ago

I can see that there is a branch eth_layer that supports Layer 2. What are the plans to integrate this into the main branch? We are looking to use WinDivert to support Layer 2 send and receive functionality for IEC 61850 GOOSE and Sampled Values (SV) in our IEC 61850 protocol stack. @basil00, wondering what your thoughts on this would be? Would you anticipate any issues with performance, as GOOSE and Sampled Values have some strict timing and bandwidth requirements?

See: https://www.typhoon-hil.com/documentation/typhoon-hil-software-manual/References/iec_61850_sampled_values_protocol.html#:~:text=IEC%2061850%20(IEC%2061850%20%E2%80%93%20Communication,a%20Substation%20over%20the%20Ethernet.

As a side note: We have been able to transmit and receive GOOSE messages with a small test application based on the eth_layer branch.

Thanks for your comments.

basil00 commented 1 year ago

The implementation has a nasty bug where starting->stopping->restarting a layer 2 filter can sometimes cause networking to stop working completely, until reboot. Attempts to track down the bug were unsuccessful, so development was eventually stopped. I suspect the issue may be related to #294 but I have never tested this hypothesis.

basil00 commented 1 year ago

the issue may be related to https://github.com/basil00/Divert/issues/294

The problem seems to be resolved after applying the fix for #294.

fvaneijk commented 1 year ago

@basil00 thanks for spending some time on this. You have been very helpful. We will continue our efforts to do some testing and hopefully be able to integrate WinDivert into our protocol stack. What are your plans now that the issue is solved to get the Ethernet layer integrated into the main branch?

basil00 commented 1 year ago

I am looking at resuming development of this branch, which will eventually become WinDivert 3.0. This may be a while, since it seems the ethernet layer support is not fully complete, and I last worked on it in 2019. There will also be some other features I'd like to add. After that, it needs extensive testing.

basil00 commented 1 year ago

There is another troubling issue with the Layer 2 support. Whenever a LAYER_ETHERNET handle is opened, it seems to briefly interrupt networking, causing some packet loss.

I wonder if it is related to this issue? I think WFP layer 2 support uses a LWF driver "under the hood". However, the issue still seems to occur even when I've updated Windows 10.

Another (probably related) issue is that Wireshark packet capture will fail with an error whenever a handle is opened.

If anyone has any insights then please let me know.

skshpr commented 1 year ago

Hey @basil00!

With infrequent use of GoodbyeDPI, which is based on the WinDivert library, I've found that it has somehow completely broken the native Windows network layer stack. A previously created VPN connection (Windows native L2TP) started working very slowly, and it begins to work well when GDPI starts to work. The same scenario also happens when trying to run any simple tool from the current version of WinDivert (flowtrack, for example). Resetting all TCP and network settings doesn't help. Removing the VPN settings doesn't help. Removing all network devices with their drivers and then reinstalling them doesn't help. Trying to kill / uninstall WinDivert via windivertctl.exe doesn't help.

Don't want to reinstall Windows. It will be the last resort.

Summary: The Ethernet connection works well without VPN and GDPI. When running the VPN, main Ethernet traffic has full speed, but the VPN connection is 20 times slower. When running the VPN with WinDivert, main Ethernet traffic is at 80% of full speed, and the VPN connection runs at full speed. If switching from the Ethernet to the WiFi adapter, everything works well for both main traffic and VPN, though.

I will appreciate any suggestions on where to dig in... but looking through this thread, it seems this is still an unresolved issue.

skshpr commented 1 year ago

An answer to my previous post, just FYI. It seems it was a recent fuc...up update from Microsoft. Confirming: Link 1 Link 2 Solution: Link. In my case, the problematic update couldn't be uninstalled.