strange behavior during work via VPN

[pompushko]

Hello

I faced strange issue, while cannelloni works via VPN. I tried to use Wireguard and OpenVPN. Works only when using ethernet or wifi connection.

Here is candump of phisycal bus on server when I connected via VPN:

flasher@flasher:~ $ candump can0,18DAF120:FFFFFFFF,18DA20F1:FFFFFFFF
  can0  18DA20F1   [3]  02 10 03
  can0  18DAF120   [7]  06 50 03 00 32 01 F4
  can0  18DA20F1   [4]  03 22 F1 90
  can0  18DAF120   [8]  10 14 62 F1 90 5A 41 52
  can0  18DA20F1   [3]  30 00 00

And here is candump of phisycal bus on server when I connected via etherner or wifi:

flasher@flasher:~ $ candump can0,18DAF120:FFFFFFFF,18DA20F1:FFFFFFFF
  can0  18DA20F1   [3]  02 10 03
  can0  18DAF120   [7]  06 50 03 00 32 01 F4
  can0  18DA20F1   [4]  03 22 F1 90
  can0  18DAF120   [8]  10 14 62 F1 90 5A 41 52
  can0  18DA20F1   [3]  30 00 00
  can0  18DAF120   [8]  21 45 41 45 41 56 58 4A
  can0  18DAF120   [8]  22 37 35 39 31 31 32 34

18DA20F1 is a my application 18DAF120 is a hardware device

Maybe I need to play with MTU? I cant see any problems in logs of application. Im not sure if that is issue of cannelloni , but Im trying to understand what is wrong. I have Raspberry Pi Zero with CAN FD HAT. Thank you!

[mguentner]

Yes, probably #6 - until this is fixed, you can change to TCP which does not have these issues.

[mguentner]

What happens if you reduce ETHERNET_MTU?

[pompushko]

Yes, probably #6 - until this is fixed, you can change to TCP which does not have these issues.

Im sorry. I forget to write - I tried to use TCP, UDP and SCTP...

[mguentner]

What MTU does your wireguard interface have?

[pompushko]

What MTU does your wireguard interface have?

Now I use OpenVPN (because I thought about bad VPN), and here is a data: tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500

UPD: reducing MTU to 1450 doesnt helps ;(

[mguentner]

UDP will most likely fail. Try with TCP instead. You probably need to reduce the MTU even further in any case. Also you can check the tunnel interface with tcpdump / Wireshark.

[pompushko]

UDP will most likely fail. Try with TCP instead. You probably need to reduce the MTU even further in any case. Also you can check the tunnel interface with tcpdump / Wireshark.

Well. Now I am using a TCP only. But no luck. Also, I tried to catch all data in my VPN interface - no any strange activity ;(

[pompushko]

Btw, for me is strange, why I doesn't receive rest packets from device... Like it stops to transmit them.

[mguentner]

@pompushko #6 is fixed, you can now set the MTU for UDP connections. Specifically this allows cannelloni to be used on wireguard connections as the MTU here is often not 1500 :) Check again whether this improves the situation.

[pompushko]

@pompushko #6 is fixed, you can now set the MTU for UDP connections. Specifically this allows cannelloni to be used on wireguard connections as the MTU here is often not 1500 :) Check again whether this improves the situation.

Thank you :)

I will do that tomorrow!

But Im using only TCP...

[mguentner]

Are you able to use the VPN interface using other TCP applications? For example iperf?

[pompushko]

Are you able to use the VPN interface using other TCP applications? For example iperf?

I can try to test...

[pompushko]

Tested.... Nothing changed ;(

Tested many MTUs... even 1000... iperf show me this:

Server listening on 5201
-----------------------------------------------------------
Accepted connection from 10.8.0.10, port 32956
[  5] local 10.8.0.6 port 5201 connected to 10.8.0.10 port 32966
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-1.00   sec   313 KBytes  2.56 Mbits/sec
[  5]   1.00-2.00   sec   483 KBytes  3.96 Mbits/sec
[  5]   2.00-3.00   sec   755 KBytes  6.19 Mbits/sec
[  5]   3.00-4.00   sec   892 KBytes  7.31 Mbits/sec
[  5]   4.00-5.00   sec  1.07 MBytes  8.98 Mbits/sec
[  5]   5.00-6.00   sec  1.19 MBytes  9.97 Mbits/sec
[  5]   6.00-7.00   sec  1.21 MBytes  10.2 Mbits/sec
[  5]   7.00-8.00   sec  1.15 MBytes  9.66 Mbits/sec
[  5]   8.00-9.00   sec  1.47 MBytes  12.3 Mbits/sec
[  5]   9.00-10.00  sec  1.39 MBytes  11.7 Mbits/sec
[  5]  10.00-10.37  sec   553 KBytes  12.2 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-10.37  sec  10.4 MBytes  8.42 Mbits/sec                  receiver
-----------------------------------------------------------

Installed again, but x64 distro, same issue :( Locally works via any protocol (UDS or TCP), but via VPN doesnt ;(

Here is tcpdump of connection via local wifi:

19:36:35.013932 IP 192.168.3.96.20000 > 192.168.3.75.44386: Flags [P.], seq 155:164, ack 37800, win 18, options [nop,nop,TS val 3150756930 ecr 4073880981], length 9
19:36:35.056260 IP 192.168.3.75.44386 > 192.168.3.96.20000: Flags [.], ack 164, win 1120, options [nop,nop,TS val 4073881030 ecr 3150756930], length 0
19:36:35.058934 IP 192.168.3.96.20000 > 192.168.3.75.44386: Flags [P.], seq 164:172, ack 37800, win 18, options [nop,nop,TS val 3150756976 ecr 4073881030], length 8
19:36:35.059087 IP 192.168.3.75.44386 > 192.168.3.96.20000: Flags [.], ack 172, win 1120, options [nop,nop,TS val 4073881032 ecr 3150756976], length 0
19:36:35.063434 IP 192.168.3.75.44386 > 192.168.3.96.20000: Flags [P.], seq 37800:37813, ack 172, win 1120, options [nop,nop,TS val 4073881037 ecr 3150756976], length 13
19:36:35.066844 IP 192.168.3.96.20000 > 192.168.3.75.44386: Flags [P.], seq 172:180, ack 37813, win 18, options [nop,nop,TS val 3150756984 ecr 4073881037], length 8

[mguentner]

Try with two vcan interfaces on each side:

     RPi                                                Laptop 💻
[can0] [vcan0] cannelloni ------- wireguard -------- cannelloni [vcan0] 
  👆 unused                                            

Then use cangen to generate traffic.

[mguentner]

@pompushko and I were able to resolve it in a private chat.