hwdsl2 / docker-ipsec-vpn-server

Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
https://hub.docker.com/r/hwdsl2/ipsec-vpn-server

Question - macOS Sonoma High Performance Screen Sharing #416

Closed squishycat92 closed 7 months ago

squishycat92 commented 7 months ago

Hello! I was experimenting with the new High Performance screen sharing mode that Apple recently introduced to macOS Sonoma, which is supposed to (and, at least on LAN connections, does) reduce latency and increase quality by using the media engine in Apple Silicon Macs to accelerate screen sharing encode and decode.

According to Apple's documentation, this feature requires UDP ports 9000, 9001, and 9002 to be open, which I assume are available through the IKEv2 connection, since the connection succeeds and is able to authenticate to the remote Mac. However, as shown in the attachment below, no picture is displayed - there is only a mouse cursor. Clicks and mouse movements are still translated to the remote machine, but no picture is displayed.

I did quite a bit of research on this issue, and it seems that this issue is not due to a slow connection, since VM network bridges still result in the same issue. Indeed, it appears that this issue is quite widespread, and perhaps due to Apple's implementation of how High Performance Mode might only support local connections: [1], [2].

It is worth noting that someone suggested (but did not test themselves) High Performance mode via Tailscale. I have no clue if this works, and did not try, because Tailscale uses a different approach than a standard IKEv2 VPN like this container. Someone else on StackExchange said that WireGuard is able to perform High Performance, so perhaps it is possible (since Tailscale is based on WireGuard).

[image]

hwdsl2 commented 7 months ago

@squishycat92 Hello! Thank you for describing your use case. AFAIK, if you use Docker for Mac with the Docker image in this project, note that Docker usually creates a separate network for the containers, therefore it may be difficult to access UDP ports on the Docker host (your Mac) while connected to the VPN server (which is running inside a container).

For this use case, perhaps you can try alternative solutions, such as the direct WireGuard tunnel or Tailscale, as you mentioned.

squishycat92 commented 7 months ago

Hmmm okay, thank you very much! I will try Tailscale and see how it works.