Closed its0ka closed 3 months ago
that's because on the server side some your application is still trying to send traffic over the VPN. tinyfecVPN server was just faithfully encapsulating and forwarding your packet to tinyfecVPN client.
the current behavior is similiar to wireguard. I don't think this is a bug or desgin problem.
please implement a timeout and detect icmp port unreachable messages, thank you
if you have special need you can fork the code and implement a customize version
"that's because on the server side some your application is still trying to send traffic over the VPN. tinyfecVPN server was just faithfully encapsulating and forwarding your packet to tinyfecVPN client."
i verified that there is no data going through the tun interface with "tcpdump -i tinyfec_tun" on both sides before stopping the process, if i don't stop the client then this is what i see (no data going through tun interface)
Hi, sorry my last reply was wrong.
There is a keep_alive_feature which sends packets every 3s, so that the NAT device won't revoke the NAT channel.
In https://github.com/wangyu-/tinyfecVPN/blob/master/tun_dev.h, there is a:
const int keep_alive_interval = 3000; // 3000ms
Currently I didn't make it a tune-able parameter. If you want to disable this feature, you can change 3000 to a super large value. (at compile time)
I can make this const int keep_alive_interval = 3000; // 3000ms
tune-able from a cmdline argument in the next release.
But not planning to add detecing loss of connection.
please implement a timeout or detect icmp port unreachable messages
In my desgin I would like the VPN to be still working after recovering from a long period of network outage, regardless of how long the outage is. The current desgin is (almost) stateless and (almost) connection-less.
tinyfecVPN is meant to be tiny and simple. So I want to avoid the concept of connection timeout.
If you need VPN with more feature, maybe you can use "UDPspeeder" + "wiregaurd or openvpn"
thank you, my country is VERY strict on internet censorship and i just wanted to avoid long udp sessions. my upload speed is only 600kbit/s and udpspeeder + wireguard uses a bit more bandwidth than tinyfecvpn so i wanted to use tinyfecvpn. i'll just stop the server when it's not in use
i just wanted to avoid long udp sessions
if that's the main concern you can change:
const int keep_alive_interval = 3000; // 3000ms
to
const long long keep_alive_interval = 1e17;
Re-compile at server side, then server will never send any packet on it's own. And you will not need to stop the server manually.
oh, thanks for mentioning it again, i didn't get it at first, this will work nicely, thank you!
client side wireshark
194.180.x.x is the server, 192.168.1.2 is the client at packet 90 i stopped the client, but the server still tried to contact it endlessly every 3 seconds, i waited 8 hours and it didn't stop. please implement a timeout or detect icmp port unreachable messages, thank you