Forum Replies Created
-
Posts
-
As far as I can see, Firefox works great over VPN, while IE slows down. And I suspect that the problem may be related to DNS. Since you specified DNS in the Wireguard config file, all DNS requests (not only Firefox, but also IE) go to this server. Try removing DNS from the config and/or changing it to something like 8.8.8.8 to see if there is a difference.
One more question, did you run the wiresock client as administrator?
I think the problem you are having is related to the MTU setting in your config file. Try reducing the MTU (for example, from the default 1420 to 1412 or even 1280) and see if there is a difference.
Unlike the standard WireGuard client, WireSock does not support fragmented UDP frames and download performance may be degraded due to packet loss.
Hmm, I’m running Wiresock in a similar setup, although Chrome uses a Wireguard tunnel and Firefox connects directly, and I’ve never noticed much slowdown. Of course, depending on the distance to your Wireguard server (and associated network latency), when you’re browsing the tunnel, websites usually don’t respond as quickly as they would with a direct connection, but that’s expected behavior.
I would first try testing another Wireguard server, preferably one that you set up yourself and has enough CPU and network resources. Otherwise, other VPN clients may affect the performance of your tunnel in unpredictable ways, and a clean test will not be possible.
Do i have to add any tag in the setupcommand for using multiple cores of the processor?
The Wiresock client uses 4 worker threads (4 cores) to process packets, this design seems quite scalable.
Hi, the Wi-Fi hotspot feature requires a special mode to be activated on the Wi-Fi adapter, and this may affect the performance of your Internet access over Wi-Fi network. So, a couple of questions:
- Is the Wi-Fi adapter your only internet connection?
- Are you experiencing Wi-Fi internet degradation without using Wiresock?
Можно побольше информации? Если речь про Wiresock VPN Gateway, то надо переконфигурировать его из режима proxy в NAT. Proxy поддерживает только TCP и UDP.
Hi, yes you are right and in fact I already have a tray icon project. I will finish the first simple version as soon as I have spare time. Hopefully, next weekend.
Hi,
If this is the exact command line
wiresock-client.exe run -config C:\Program Files\WireSock VPN Client\bin\config.conf -log-level all -lac,then you must either add quotes (path contains spaces) or remove the full path (wiresock checks the \bin folder for a config file):
wiresock-client.exe run -config "C:\Program Files\WireSock VPN Client\bin\config.conf" -log-level all -lacOR
wiresock-client.exe run -config config.conf -log-level all -lacHope it helps!
Тут или путь к wireguard.exe (обычно это
C:\Program Files\WireGuard) не был добавлен в PATH (wireguard-installer.exe его должен был добавить) или забыли консоль перезапустить после установки wireguard-installer.exe. Если в PATH его нет, то добавьте вручную и перезапустите powershell.Если виснет при неработающем WireSock VPN Gateway, значит дело не в нем, а в WireGuard Windows Client v0.5.3 и/или, что менее вероятно, его совместимости с Windows 7 (OS уже старенькая, могли не протестировать).
WireGuard Windows Client v0.3.16 год назад прекрасно справлялся с множественными тоннелями, но, если не ошибаюсь, это еще была версия построенная на основе wireguard-go и WinTun…
Добрый день!
Любопытно, дело в том, что похоже, что именно такую конфигурацию я строил тут. Боюсь что-то могли поломать в самом WireGuard Windows Client, к сожалению переход на модуль ядра не добавил ему стабильности.
Для начала попробуйте остановить службу WireSock VPN Gateway, в сущности это всего лишь NAT/PROXY для клиентов подключающихся к серверному тоннелю. Если при неактивной службе подвисание с двумя тоннелями повторится, то тут надо разбираться, что поломали в WireGuard клиенте и возможно откатится на старую версию.
В противном случае для начала попробуйте изменить режим работы WireSock VPN Gateway с PROXY на NAT или наоборот. Эти режимы довольно значительно отличаются, возможно будет какая-то разница в поведении.
Hmm, I suspect that this termination may be due to the panic of the Boringtun library on some particular network packet. Could you collect and share the pcap files by running the Wiresock with
-log-level alluntil the application unexpectedly exits?The Windows API only allows you to get the process context for the TCP and UDP protocols. So, ping.exe sending ICMP packets cannot be resolved and therefore not tunneled.
The simplest alternative would probably be a simple UDP based pinger, which can be easily implemented in Golang.
I just did a quick powershell test with the command line below, and it was correctly intercepted and redirected through the tunnel:
Invoke-WebRequest "http://www.wiresock.net/downloads/wiresock-vpn-gateway-x64-1.0.31.1.msi" -OutFile "wiresock-gateway-x64.msi"I suspect you are expecting child processes launched from cmd or powershell to be tunneled. Note, however, that these child processes have different names and are therefore skipped by the filter. Of course, it is possible to extend the filter for child processes, but initially, I had no such intention.
I wanted to ask about that for a while now, would you say Fast I/O should be faster than events-based approach?
Fast I/O is not about being faster than events-based approach. The main idea of Fast I/O is to guarantee minimum latency, i.e. the time interval between the arrival of a packet on the network adapter and the moment it begins to be processed.
Secondly, is there any way to figure out why ReadPacketsUnsorted fails (returns FALSE)?
Normally, it returns FALSE when there are no packets in the queue.
I also don’t see ReadPacketsUnsorted being used in the fastio_packet_filter class from the cpp examples.
It is not really necessary in you have the sufficient number of shared memory sections.
Also, slightly off-topic, but is there any way to get the packet timestamps out of the captured traffic? I find that getting it from std::chrono for every piece of captured traffic is having an impact on how well it performs and was wondering if I’ve just missed it. So far I’ve moved it out so that the timestamp is generated once for every batch of traffic and I wonder how inaccurate that will be.
The timestamp is not implemented in kernel mode, but if it is needed, then adding it to a custom build is not a big deal.
PS.: Just wanted to let you know that AddSecondaryFastIo is not in the documentation, but I saw how it’s used in the examples.
Thanks for the point. Since this was an experimental API, I postponed its documentation until later. And then I completely forgot about it.
