search

firezone / firezone

Enterprise-ready zero-trust access platform built on WireGuard®.
https://www.firezone.dev
Apache License 2.0
6.84k stars 285 forks source link

fix(windows): add_route is slow #3114

Closed jamilbk closed 10 months ago

jamilbk commented 10 months ago

Shelling out to netsh Powershell's New-NetRoute is slow.

ReactorScram commented 10 months ago

This API function will probably do the trick. Just need to test it manually once. https://microsoft.github.io/windows-docs-rs/doc/windows/Win32/NetworkManagement/IpHelper/fn.CreateIpForwardEntry2.html

ReactorScram commented 10 months ago

Powershell takes about 800-900 ms, shouldn't be hard to beat image

ReactorScram commented 10 months ago

13,000 ms to about 200 ms. It wasn't critical but I need to bring the tunnel up and down a lot for DNS testing so that 13 seconds really adds up. image

jamilbk commented 10 months ago

13,000 ms to about 200 ms

Awesome work! Seconded re: IPv6. Even though it's not working currently it's probably good to make sure the linked PR doesn't further prevent it from doing so.

What does route print show?

ReactorScram commented 10 months ago

@jamilbk The IPv6 bug was simple so I have a fix in PR #3120 Wintun just wasn't setting the tunnel's IPv6 address correctly, it had the wrong syntax for netsh