Closed bakulf closed 3 years ago
The simplest approach that comes to mind would be to replace the Server
class provided to the controller with a QList<Server>
that describes the routing path packets need to take (with the innermost tunnel first), and in the simple case of a single-hop tunnel the platform only needs to pay attention to the first entry in the list.
When it comes to setting up the interface, it's only the innermost tunnel that would require complicated platform setup (eg: for firewall, DNS and split tunneling) The intermediate hops should be a lot simpler since they should only contain fairly well-defined traffic (UDP wiregard packets always sent to a single, well-known IP), and it would just take a single routing table entry to direct their traffic accordingly.
For quick-and-dirty UX during development, this feature could be enabled by a single boolean option and let the client pick the intermediate hop(s) randomly from the available servers until a more complex UX flow is needed.
However, this kind of simple approach might prevent us from being able to do complicated things in the future, such as directing different traffic flows along different paths, or a server switch smewhere in an intermediate hop, in which case I think we really will need some kind of multi-controller.
➤ Valentina Virlics commented:
Verified this as a new feature for 2.5 VPN release based on the reviewed Test Cases and Test Plan;
Platform support for multihop connections provides the functionality needed for this feature. As a high level description of how this works, we can add each server in the multihop connection to the wireguard interface as a peer, and then make use of the routing table to assemble the packet’s route.
The scope of this issue only includes the bare minimal UI, and a crude path selection algorithm, needed to test the feature.
Acceptance Criteria:
Controller
class is extended to allow either one or multiple hops to be selected.┆Issue is synchronized with this Jira Task