Re: Allowing space for packet headers in Wintun Tx/Rx

On Sat, Apr 10, 2021 at 7:35 AM David Woodhouse wrote: > On Sat, 2021-04-10 at 13:38 +, Simon Rozman wrote: > > Hi David,This is my proposal: > > https://git.zx2c4.com/wintun/commit/?id=eebd6aea4f75551f6e847a1d4fff857450bac6e9 > > Awaiting review and zx2c4 approval. > > Regards, Simon > > > Lo

Re: T-Mobile 4G/5G CGNAT vs WireGuard tunnel jitter

> On Apr 10, 2021, at 10:59 AM, Roman Mamedov wrote: > > On Sat, 10 Apr 2021 10:27:23 -0500 > Lonnie Abelbeck wrote: > >> I have been testing the T-Mobile Home Internet (4G/5G fixed wireless) >> service to a Linode VM via WireGuard. >> >> The TMHI service uses CGNAT plus an additional NAT

Re: T-Mobile 4G/5G CGNAT vs WireGuard tunnel jitter

Hi Mo, I have the latest hardware (gray cylinder) -- Typically 3 of 5 bars 4G Band: B2 5G Band: n71 -- Note the huge jitter only occurs inbound, which is difficult to measure without using WireGuard. The same UDP iperf3 tests outbound (gw-lan->linode) range from 3 to 8 ms jitter, regardless of

Re: T-Mobile 4G/5G CGNAT vs WireGuard tunnel jitter

On Sat, 10 Apr 2021 10:27:23 -0500 Lonnie Abelbeck wrote: > I have been testing the T-Mobile Home Internet (4G/5G fixed wireless) service > to a Linode VM via WireGuard. > > The TMHI service uses CGNAT plus an additional NAT in their modem/gateway > with a MTU of 1420, so WireGuard is configur

Re: T-Mobile 4G/5G CGNAT vs WireGuard tunnel jitter

Thanks for sharing, I have also been running WG tunnels over T-Mobile home internet and haven’t seen any of the jitter you are reporting. Did you try the same tests (outbound) without running them via WG? Which modem do you have? How many signal bars are you getting? Also, what does an non-tunn

T-Mobile 4G/5G CGNAT vs WireGuard tunnel jitter

Greetings, I have been testing the T-Mobile Home Internet (4G/5G fixed wireless) service to a Linode VM via WireGuard. The TMHI service uses CGNAT plus an additional NAT in their modem/gateway with a MTU of 1420, so WireGuard is configured with a 1340 MTU. Everything works, but I thought I wou

Re: Allowing space for packet headers in Wintun Tx/Rx

On Sat, 2021-04-10 at 13:38 +, Simon Rozman wrote: > Hi David,This is my proposal: > https://git.zx2c4.com/wintun/commit/?id=eebd6aea4f75551f6e847a1d4fff857450bac6e9 > Awaiting review and zx2c4 approval. 😊 > Regards, Simon Looks good to me; thanks. Just need to work out how to cross-build it

Wireguard on Windows 10 Pro joined to a domain with limited rights

Hi team, I'm using the version 0.3.9 and it's working fine for now except that I need to put the end user (domain User) inside the local admin group to make it work . Please note that with a PC not join to a domain , wireguard is running fine with a local user wich is member of "Network operator

Re: Duplicate IP address, and permissions problems on Windows

On Thu, Apr 8, 2021 at 9:59 AM David Woodhouse wrote: > Hm, your description doesn't match the code I see at that link. > > You're using GetAdaptersAddresses() which gives you the UP/DOWN status > as well as the addresses, and you iterate over those. The loop is > > ∀ adapter, ∀ Unicast address o

Re: Allowing space for packet headers in Wintun Tx/Rx

On Thu, Apr 8, 2021 at 10:10 AM David Woodhouse wrote: > On Thu, 2021-04-08 at 09:42 -0700, Daniel Lenski wrote: > > On Thu, Apr 8, 2021 at 7:37 AM David Woodhouse wrote: > > > If we do need a header larger than 4 bytes, then we are forced to do > > > things properly by adding support in the kern

Re: Allowing space for packet headers in Wintun Tx/Rx

On Thu, Apr 8, 2021 at 7:37 AM David Woodhouse wrote: > = > PPP over DTLS > = > > We just added support for the PPP-based protocols (Fortinet, F5) and > I'm not sure we even know what the DTLS-based version looks like on the > wire, do we? If the header is 4 bytes or few

Re: Duplicate IP address, and permissions problems on Windows

On Thu, Apr 8, 2021 at 1:46 AM David Woodhouse wrote: > Unless netsh will do it for us when we ask *it* to set the IP address? > OpenConnect doesn't normally bother itself with administrivia like setting IP > addresses; its job is to pass packets. I'm afraid not. I tried playing around with var

Re: Allowing space for packet headers in Wintun Tx/Rx

On Wed, Apr 7, 2021 at 4:49 AM David Woodhouse wrote: > If WintunSendPacket took an additional 'offset' argument to disregard a > certain number of bytes at the beginning of the buffer, that would > probably suffice. Or is it possible to simply add to the pointer > returned by WintunAllocateSendPa

Re: Duplicate IP address, and permissions problems on Windows

On Wed, Apr 7, 2021 at 1:18 AM David Woodhouse wrote: > > On Tue, 2021-04-06 at 18:17 -0600, Jason A. Donenfeld wrote: > > With regards to permissions, you must be Local System, which is > > already the case if you're running inside a service. If you'd like to > > run as a mere Administrator proce

Re: Duplicate IP address, and permissions problems on Windows

On Tue, Apr 6, 2021 at 5:17 PM Jason A. Donenfeld wrote: > It's pretty typical behavior on Windows for IP addresses to be > exclusive per interface. WireGuard for Windows does something similar: > https://git.zx2c4.com/wireguard-windows/tree/tunnel/addressconfig.go#n22 Thank you! That's very inte

RE: Allowing space for packet headers in Wintun Tx/Rx

Hi David,This is my proposal:https://git.zx2c4.com/wintun/commit/?id=eebd6aea4f75551f6e847a1d4fff857450bac6e9Awaiting review and zx2c4 approval. 😊Regards, Simon smime.p7s Description: S/MIME cryptographic signature

Re: Duplicate IP address, and permissions problems on Windows

On Thu, 2021-04-08 at 10:53 -0700, Daniel Lenski wrote: > On Thu, Apr 8, 2021 at 9:59 AM David Woodhouse wrote: > > Hm, your description doesn't match the code I see at that link. > > > > You're using GetAdaptersAddresses() which gives you the UP/DOWN status > > as well as the addresses, and you