Closed Zloi78 closed 6 months ago
Hello,
Can you run the client and the server with this env variable set RUST_LOG=trace
and paste the output for the client and the server.
Besides that, one thing I can see is that in the old version your tunnel was listening on all interfaces
wstunnel -u --udpTimeoutSec -1 -L 0.0.0.0:33355:127.0.0.1:51820 wss://xxx.yyy.zzz
note the 0.0.0.0
while with the new command line you are only listening on the loopback interface
wstunnel client -L udp://33355:127.0.0.1:51820 wss://xxx.yyy.zzz
Try with
wstunnel client -L 'udp://0.0.0.0:33355:127.0.0.1:51820?timeout_sec=0' wss://xxx.yyy.zzz
Try with
wstunnel client -L 'udp://0.0.0.0:33355:127.0.0.1:51820?timeout_sec=0' wss://xxx.yyy.zzz
Yes. My mistake was exactly this. Thank you!
One more problem.
These are the iperf3 results I get from both versions:
MTU = 1320
v.6.0
iperf3 -c 192.168.1.2 -t 10 warning: Ignoring nonsense TCP MSS -2146716928 Connecting to host 192.168.1.2, port 5201 [ 5] local 192.168.0.2 port 16545 connected to 192.168.1.2 port 5201 [ ID] Interval Transfer Bitrate [ 5] 0.00-1.00 sec 384 KBytes 3.13 Mbits/sec [ 5] 1.00-2.01 sec 1.62 MBytes 13.6 Mbits/sec [ 5] 2.01-3.01 sec 1.00 MBytes 8.36 Mbits/sec [ 5] 3.01-4.02 sec 640 KBytes 5.23 Mbits/sec [ 5] 4.02-5.00 sec 640 KBytes 5.31 Mbits/sec [ 5] 5.00-6.01 sec 768 KBytes 6.27 Mbits/sec [ 5] 6.01-7.01 sec 768 KBytes 6.27 Mbits/sec [ 5] 7.01-8.01 sec 512 KBytes 4.18 Mbits/sec [ 5] 8.01-9.00 sec 512 KBytes 4.24 Mbits/sec [ 5] 9.00-10.01 sec 512 KBytes 4.18 Mbits/sec
[ ID] Interval Transfer Bitrate [ 5] 0.00-10.01 sec 7.25 MBytes 6.08 Mbits/sec sender [ 5] 0.00-10.22 sec 6.47 MBytes 5.31 Mbits/sec receiver
v.7.2.0
iperf3 -c 192.168.1.2 -t 10 warning: Ignoring nonsense TCP MSS -2146716928 Connecting to host 192.168.1.2, port 5201 [ 5] local 192.168.0.2 port 17642 connected to 192.168.1.2 port 5201 [ ID] Interval Transfer Bitrate [ 5] 0.00-1.00 sec 256 KBytes 2.10 Mbits/sec [ 5] 1.00-2.00 sec 0.00 Bytes 0.00 bits/sec [ 5] 2.00-3.01 sec 0.00 Bytes 0.00 bits/sec [ 5] 3.01-4.01 sec 0.00 Bytes 0.00 bits/sec [ 5] 4.01-5.02 sec 0.00 Bytes 0.00 bits/sec [ 5] 5.02-6.00 sec 0.00 Bytes 0.00 bits/sec [ 5] 6.00-7.01 sec 0.00 Bytes 0.00 bits/sec [ 5] 7.01-8.01 sec 0.00 Bytes 0.00 bits/sec [ 5] 8.01-9.01 sec 0.00 Bytes 0.00 bits/sec [ 5] 9.01-10.00 sec 0.00 Bytes 0.00 bits/sec
[ ID] Interval Transfer Bitrate [ 5] 0.00-10.00 sec 256 KBytes 210 Kbits/sec sender [ 5] 0.00-10.22 sec 11.2 KBytes 9.02 Kbits/sec receiver
Direct connection (without wstunnel)
iperf3 -c 192.168.1.2 -t 10 warning: Ignoring nonsense TCP MSS -2146716928 Connecting to host 192.168.1.2, port 5201 [ 5] local 192.168.0.2 port 17537 connected to 192.168.1.2 port 5201 [ ID] Interval Transfer Bitrate [ 5] 0.00-1.01 sec 7.62 MBytes 63.4 Mbits/sec [ 5] 1.01-2.00 sec 4.88 MBytes 41.1 Mbits/sec [ 5] 2.00-3.01 sec 9.25 MBytes 77.3 Mbits/sec [ 5] 3.01-4.01 sec 8.25 MBytes 69.0 Mbits/sec [ 5] 4.01-5.00 sec 7.00 MBytes 59.2 Mbits/sec [ 5] 5.00-6.00 sec 4.00 MBytes 33.5 Mbits/sec [ 5] 6.00-7.00 sec 3.88 MBytes 32.6 Mbits/sec [ 5] 7.00-8.01 sec 4.00 MBytes 33.3 Mbits/sec [ 5] 8.01-9.01 sec 4.62 MBytes 39.0 Mbits/sec [ 5] 9.01-10.00 sec 4.38 MBytes 36.9 Mbits/sec
[ ID] Interval Transfer Bitrate [ 5] 0.00-10.00 sec 57.9 MBytes 48.5 Mbits/sec sender [ 5] 0.00-10.11 sec 54.3 MBytes 45.1 Mbits/sec receiver
Can you share how you start the client and the server, and the command to start iperf3 server side ?
The server part of both version 6 and version 7 is launched on Synology in docker and in reverse proxy mode. Here is the docker compose data:
v.6.0 version: "3.5" services: wstunnel-s: image: zloi78/wstunnel:6.0 command: wstunnel --server ws://127.0.0.1:33344 --restrictTo=127.0.0.1:51820 container_name: wstunnel-s network_mode: "host" ports:
v.7.2.0 version: "3.5" services: wstunnel-s: image: zloi78/wstunnel:latest command: wstunnel server ws://127.0.0.1:33344 --restrict-to=127.0.0.1:51820 container_name: wstunnel-s network_mode: "host" ports:
The client part is running on the NUC (also in Docker). Here is the docker compose data:
v.6.0 version: "3.5" services: wstunnel-c: image: zloi78/wstunnel:6.0 command: wstunnel -u --udpTimeoutSec -1 -L 0.0.0.0:33355:127.0.0.1:51820 wss://xxx.yyy.zzz container_name: wstunnel-c-ds network_mode: "host" ports:
v.7.2.0 version: "3.5" services: wstunnel-c: image: zloi78/wstunnel:latest command: wstunnel client -L udp://0.0.0.0:33355:127.0.0.1:51820 wss://xxx.yyy.zzz container_name: wstunnel-c-ds network_mode: "host" ports:
And the iperf3 server side command:
iperf -s
All works fine for me. I have the same kind of setup than you, I guess. wsclient ---> nginx ---> wstunnel server
A couple of note.
?timeout_sec=0'
to avoid auto closing the tunnel after 30 secYou can find below my runs
Hello,
I had time to dig into the issue with wireguard, and you may want to use the new release https://github.com/erebe/wstunnel/releases/tag/v7.7.2 , it improves throughput by a lot. Wireguard requires to respect its udp framing, which wstunnel 7.x was not doing before.
Release https://github.com/erebe/wstunnel/releases/tag/v7.8.0, should be the real deal :)
- On wstunnel client for the udp tunnel, you need to add
?timeout_sec=0'
to avoid auto closing the tunnel after 30 sec
Is it also recommended to set this in version 7.8.0?
Not directly related to the issue, but I thought I'll mention anyway:
I see there is now a --tls-sni-override=
option on the client, so all that fiddling with /etc/hosts
or using dnsmasq
is no longer necessary, instead use ip address + tls-sni-override option to establish the tunnel.
@Zloi78 if you are tunneling VPN traffic, yes absolutely
@Kirill888 you right, and just to add. Don't forget to set the HTTP host header if you are behind a CDN
I am closing the issue. Feel free to re-open if the performance are nok.
Having a problem upgrading to 7.x.x using wireguard with wstunnel (with nginx).
I set up the connection according to the guide at https://kirill888.github.io/notes/wireguard-via-websocket/ And on version 6.0 everything worked great.
In version 6.0 I use the following settings:
server: wstunnel --server ws://127.0.0.1:33344 --restrictTo=127.0.0.1:51820
client: wstunnel -u --udpTimeoutSec -1 -L 0.0.0.0:33355:127.0.0.1:51820 wss://xxx.yyy.zzz
Connection established!
In version 7.x.x I use the following settings:
server: wstunnel server ws://127.0.0.1:33344 --restrict-to=127.0.0.1:51820
client: wstunnel client -L udp://33355:127.0.0.1:51820 wss://xxx.yyy.zzz
No connection!
What am I doing wrong?