porech / engarde
A go network utility to create a reliable IP tunnel over multiple connections
License: GNU General Public License v2.0
Hi there! I'm glad I finally found this piece of programming, after trying to mud my way through openmptcprouter, mlvpn, glorytun, etc.
For a maximum possible reliable connection none of them are really suited. This, combined does exactly what I want! (Looks like it does similar to Speedify redundant mode.)
So far I managed to (Running Openwrt client, Debian 9 server vps)
Swap 3 LAN ports to 3 WAN ports and make the WAN port LAN port, all 3 WAN ports receive DHCP from ISP, put them all on WAN firewall zone and enabled default route.
Did all instructions on front page, and managed to ping the tunnel ip 10.97.98.1 end point to vps with on router, and reply back to router as well. So server config seems fine! I can rip wan cables one by one and ping nicely continues.
Now comes part that my local subnet (all clients) need to route to the wg0 interface but so far no luck.
Local brlan is 192.168.1.1/24 and tunnel ips are 10.97.98.1 on vps and 10.97.98.1 on router side.
I tried using policy-based-routing package and tried route from 192.168.1.1/24 etcetera to 10.97.98.1 through wg0 but no luck so far.
Anyone have any tips? Maybe I'm doing something wrong? Seems like last piece of puzzle. If router 192.168.1.1 can do it it cannot be too hard to make it happen for clients on same subnet. Thanks!
Seems promising so far.
It is not essential, because the amd64 binary seems to work fine under Rosetta 2, but a native Apple Silicon (arm64 macOS) binary can be a nice thing.
Hello!
Thank you very much, I love the software. It works really well when I set up wireguard manually using the wg command. However, I can't get it to work with wg-quick. I'm using wg-quick to set up the WireGuard VPN, and forward all my traffic over the VPN. It works perfectly for that after setting up ufw masquerading on the server. Has anyone been able to use engarde with wg-quick, and all traffic forwarding with masquerading?
Here is my setup:
wg-quick conf files
Ubuntu 20.04 server
cat /etc/wireguard/wg0.conf
[Interface]
Address = 10.5.5.1
PrivateKey =
ListenPort = 59301
[Peer]
PublicKey =
AllowedIPs = 10.5.5.0/24
Ubuntu 20.04 client
cat /etc/wireguard/wg0.conf
[Interface]
Address = 10.5.5.5
PrivateKey =
[Peer]
PublicKey =
#Endpoint = <public-ip>:59301
Endpoint = 127.0.0.1:59402
AllowedIPs = 0.0.0.0/0
#AllowedIPs = 10.5.5.0/24
# This is for if you're behind a NAT and
# want the connection to be kept alive.
PersistentKeepalive = 25
engarde configs
server:
  listenAddr: "0.0.0.0:59402"
  dstAddr: "127.0.0.1:59301"
  # You can control engarde-client by accessing the web management interface. Here you can specify its parameters.
  # If you don't want a management interface, you can omit this section.
  webManager:
    # The address to listen to. Leave it empty to disable the management webserver.
    listenAddr: "0.0.0.0:9001"
client:
  listenAddr: "127.0.0.1:59401"
  dstAddr: "<public-ip>:59402"
  excludedInterfaces:
    - "virbr0"
    - "virbr0-nic"
    - "wg0"
  # You can control engarde-client by accessing the web management interface. Here you can specify its parameters.
  # If you don't want a management interface, you can omit this section.
  webManager:
    # The address to listen to. Leave it empty to disable the management webserver.
    listenAddr: "0.0.0.0:9001"
I think it would be useful to have a version code to recognize on which build I'm on while testing.
I should be able to do:
engarde-client -v
engarde-server -v
and have useful information on actual builds, maybe including dates for test builds.
Is it possible to implement?
Thx!
Optimization: Reduced CPU usage on bandwidth load.
Noticed the software is quite CPU bound; although it doesn't currently appear to give me any issues, it could maybe be beneficial for higher throughput on load.
for example one ipv4 with extra ipv6 ?
or two ipv4 with alias for same interface ?
for both server side and client side.
So this might be one issue which you can close soon, as I've not fully verified why it happens.
But when I have 3 WANs connected, sometimes (sporadically) my latency on the tunnel spikes for a second or two when I take one of the WAN cables out. (Engarde usually throws an error unable to write to socket)
My theory is that when I pull cable out, ifplugd sets link down and there is nothing to write to, creating a short buffer overflow? In which case I might be able to solve it by not using ifplugd and never take any interfaces link down (with ip link) and keep them statically ON? (In /etc/network/interfaces)
If my theory is correct this might be currently just the way it works, but I'll have to investigate this further. It's not like I pull my cables all the time for fun, but if it does happen somehow or bad physical link I'd rather keep stuff as stable as possible :)
First, thank you for your contribution. If I can get this to work properly it will be a lifesaver for me while trying to stream my daughter's competitive events. That said, in my brain, I can't see how all these match up.
In your example you have
client:
  listenAddr: "127.0.0.1:59401"
  dstAddr: "198.51.100.32:59402"
  excludedInterfaces:
    - "eth3"
    - "wg0"
server:
  listenAddr: "0.0.0.0:59402"
  dstAddr: "127.0.0.1:59301"
I get the client dstaddr and server listen address. But 59401 and 59402?
In the actual engarde.yml.sample you have.
Random ports and ip address all over the place. I am finding it very difficult to decipher. While I am not an infrastructure engineer I am in the industry with over 20 years of experience.
I think I just need to better understand what IPs need to go where with what ports.
My wireguard vpn server is using 192.168.10.1 with a local host of 192.168.1.130 and my client is using 192.168.10.2 for the wireguard vpn address and 192.168.0.23 while connected to a Netgear Nighthawk M1 hotspot. This setup (Wireguard that is) is up and running properly.
Where do I put my public ip that is forwarding to port 51820 in the client yml config. and what do I need to put in the server yml config?
Much appreciated; thank you in advance for any advice offered.
Any chance in creating a video tutorial that shows both client and server setup?
I'm trying to connect from a Windows 10 client to a Ubuntu 18.04 server in the cloud.
Wireguard is all set up and working fine. Able to ping from client to server and server to client. Using it to browse etc.
But once I get Engarde running, nothing seems to be working. I'm unable to ping server from client or ping client from server. Strangely, I'm able to ping 1.1.1.1 from the client but something seems odd as the rtt is 9ms. I usually get around 40 ms.
Came across this issue about Allowed IPs set to 0.0.0.0 possibly causing an issue, but I can't figure out what to change there.
Also came across your discussion on Wireguard mailing lists about an issue with 127.0.0.1 in the Wireguard Windows client. Again, not sure what I can do to fix it.
I'm not much of a network guy so please make the explanation simple. :)
Thanks again for all your effort.
Below are my wireguard configs & then engarde.yml.
Wireguard Server config:
[Interface]
Address = 192.168.2.1
PrivateKey = ******
ListenPort = 54320
SaveConfig = false
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens4 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens4 -j MASQUERADE
[Peer]
PublicKey = *****
AllowedIPs = 192.168.2.2/24
Wireguard Client config:
[Interface]
PrivateKey = ****
Address = 192.168.2.2/24
DNS = 1.1.1.1
[Peer]
PublicKey = *****
AllowedIPs = 0.0.0.0/0
Endpoint = 127.0.0.1:54320
Engarde config
---
# Client configuration
client:
  description: "My engarde-client instance"
  listenAddr: "127.0.0.1:54320"
  dstAddr: "SERVERIP:54321"
  writeTimeout: 10
  excludedInterfaces:
    - "Local Area Connection 1"
    - "Local Area Connection 2"
    - "GCPMumbai"
    - "Bluetooth Network Connection"
    - "Loopback Pseudo-Interface 1"
  dstOverrides: []
  webManager:
    listenAddr: "0.0.0.0:9001"
    username: "engarde"
    password: "engarde"
# Server configuration
server:
  description: "My engarde-server instance"
  listenAddr: "0.0.0.0:54321"
  dstAddr: "127.0.0.1:54320"
  clientTimeout: 30
  writeTimeout: 10
  webManager:
    listenAddr: "0.0.0.0:80"
    username: "engarde"
    password: "engarde"
Sorry, this is not really an issue, but more of a few questions I had about engarde. My situation is that I am livestreaming over an ethernet that gives sufficient bandwidth most of the time, but I'd like to have seamless failover to a cellular network (via a dongle) in case the ethernet goes down.
Engarde says "every UDP packet that is emitted (...) and sends it through every available connection. So, the first package that reaches its destination wins, and the others are silently discarded "
I'm not a network guy so I was wondering if you guys could answer a few questions before I dive into trying to make this work.
Thanks for your efforts!
I need to be able to include/exclude interfaces from outside engarde interface (scripted) while its running
is this possible?
Hello. I am trying "Engarde" for the first time and I have problems connecting a windows 11 client to a windows 7.
I have no problems connecting directly with wireguard. I have successful ping. With the same configuration I tried to connect from "engarde-client" MacOS without problems to the same windows 7.
It is possible to use engarde with udp2raw this kind of tools to avoid QoS from carriers when transfer data through UDP
When I'm trying to transfer a large amount of data through UDP, the connection often becomes extremely slow after a few seconds, but everything works well when using TCP.
I think carriers are messing my udp package
To get some form of QoS going, there seems to be two ways to go about it:
Both sides apply egress bandwidth throttling, on router side I set it do 5Mbps for upstream (Basically a bit below the slowest of my 3 WAN interfaces)
VPS side I set egress cap to 50Mbps~ just for safety but to retain at least some bandwidth, basically lower than the lowest ingress (downstream) capability of my fastest WAN interface router side.
This yields perfect SQM on max bandwidth test, latency in tunnel doesn't even budge.
The theory here is that as long as we assume all 3 WAN's work on maximum quality/capacity, and setting the bandwidth cap 15%~ lower than the lowest available WAN interface, the tunnel remains fine. Downside is you'll have to be quite conservative on both sides, and if some WAN interfaces fail on router side, the bandwidth shaping cap might be too loose and no longer functions (Unless you set it really tight like 10Mbps/5Mbps maybe).
The problem is, as soon as I apply SQM (let's say 1/1Mbps) to a single individual WAN interface, the tunnel unexpectedly drops in speed the longer a bandwidth test is ongoing, as if the single capped interface affects the wireguard tunnel at the same time. The tighter I cap the single capped interface, the more regression is shown in the tunnel speed as well.
I'm currently using https://github.com/tohojo/sqm-scripts which is also used on OpenWRT.
For ingress it creates ifb devices to mirror the incoming data so that it can be shaped with tc qdisc.
Currently using this on both sides for applying to wg0 (wireguard) directly but obviously if I try method 2 I adjust parameters to suitable settings.
SCRIPT=layer_cake.qos
EQDISC_OPTS="diffserv3 metro nat dual-srchost no-split-gso ack-filter"
I tried older SQM methods as well, fq_codel etc but they all show the same behavior.
Not sure if this is just impossible to setup to the nature of the beast and it is simply impossible to apply SQM on a redundant setup like this.
Another method of testing is to apply SQM to interface, then ping -I $iface x.x.x.x (so it bypasses tunnel entirely), and no matter how low I cap the interface, pinging is troublesome while there should be plenty of bandwidth left for it.
MAYBE it can be solved with adding (virtual) 'veth' in/out devices in front of my WAN interfaces, but that's quite a complex config. Positive side effect would be that even ingress packets can be manipulated in iptables mangle table before they pass the (to be SQM'ed) veth out-interface
First off, thanks for making this! I need a reliable failproof connection for "high stakes" streaming (ok it's comedy :) ).
Env
Put the engarde client locally, server remote. Used the sample config file but of course edited the destination, and edited the WG tunnel dest.
Connected WG, connected engarde, as far as I can tell. The engarde client reports the new interface and doesn't complain.
With engarde on, unable to ping (8.8.8.8 or 1.1.1.1 for example), nor DNS resolution. rotvpn installs unbound for encrypted DNS, but I get the sense that traffic wasn't flowing period, so not specifically a DNS issue. (I could be wrong about what destinations allow ICMP, to be fair). I checked all the ports that rotvpn opens, and tried to explicitly open any engarde port I could see, as well as setting unbound to accept traffic on all interfaces, from all client IP ranges.
I don't know that it's an issue with DNS, but I'm also not sure how engarde comes into the picture at this point.
I know this is semi vague; I'm hoping for troubleshooting tips to "teach myself to fish" on it.
Thanks in advance!
(Optional, user configurable) Feature suggestion:
Implement some form of FEC (reed-solomon), like TinyFECvpn/udpspeeder with some configurable options (Keep latency low, least intrusive but still some benefit).
Possibly only applied to specific interface, depending on which one might benefit from it. (I know one of my connections have upstream signal issues and this might be of some relief while my other fixed line never has any loss.)
And lets say my 4G connection has a monthly cap, so it would only be a problem for that one, as it would be more bandwidth consumption.
Hey again! Not sure if this is linked to latest code, but I was doing some SQM/QOS testing and restricted one WAN interface on client side to like 100kbit/s.
After some load testing the server crashed. That's a first in a like over a week!
Nothing fundamentally changed on the VPS side. No crash client side.
time="2019-11-29T22:07:23+01:00" level=info msg="New client connected: '62.131.70.190:49954'"
time="2019-11-29T22:07:25+01:00" level=info msg="New client connected: '62.131.70.190:43027'"
time="2019-11-29T22:07:27+01:00" level=info msg="New client connected: '62.131.70.190:38965'"
time="2019-11-29T22:07:36+01:00" level=info msg="New client connected: '62.131.70.190:60572'"
time="2019-11-29T22:07:42+01:00" level=info msg="New client connected: '62.131.70.190:39355'"
time="2019-11-29T22:07:43+01:00" level=info msg="New client connected: '62.131.70.190:36497'"
time="2019-11-29T22:07:44+01:00" level=info msg="Client '62.131.70.190:41589' timed out"
time="2019-11-29T22:07:44+01:00" level=info msg="New client connected: '62.131.70.190:33321'"
time="2019-11-29T22:07:45+01:00" level=info msg="New client connected: '62.131.70.190:53847'"
time="2019-11-29T22:07:46+01:00" level=info msg="Client '62.131.70.190:49954' timed out"
time="2019-11-29T22:07:46+01:00" level=info msg="New client connected: '62.131.70.190:47163'"
time="2019-11-29T22:07:47+01:00" level=info msg="Client '62.131.70.190:43027' timed out"
time="2019-11-29T22:07:47+01:00" level=info msg="New client connected: '62.131.70.190:52890'"
time="2019-11-29T22:07:48+01:00" level=info msg="New client connected: '62.131.70.190:38526'"
time="2019-11-29T22:07:49+01:00" level=info msg="New client connected: '62.131.70.190:42441'"
time="2019-11-29T22:07:50+01:00" level=info msg="New client connected: '62.131.70.190:60905'"
time="2019-11-29T22:07:51+01:00" level=info msg="New client connected: '62.131.70.190:34752'"
time="2019-11-29T22:07:52+01:00" level=info msg="New client connected: '62.131.70.190:58098'"
fatal error: concurrent map iteration and map write
goroutine 19 [running]:
runtime.throw(0x8a8bc9, 0x26)
/usr/local/go/src/runtime/panic.go:774 +0x72 fp=0xc0000e1828 sp=0xc0000e17f8 pc=0x42f6c2
runtime.mapiternext(0xc0000e1f60)
/usr/local/go/src/runtime/map.go:858 +0x579 fp=0xc0000e18b0 sp=0xc0000e1828 pc=0x410c49
main.receiveFromWireguard(0xc00009e240, 0xc00009e248)
/home/travis/build/porech/engarde/cmd/engarde-server/main.go:182 +0x207 fp=0xc0000e1fd0 sp=0xc0000e18b0 pc=0x7b5697
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:1357 +0x1 fp=0xc0000e1fd8 sp=0xc0000e1fd0 pc=0x45bf31
created by main.main
/home/travis/build/porech/engarde/cmd/engarde-server/main.go:124 +0x4c4
goroutine 1 [runnable]:
syscall.Syscall6(0x2d, 0x5, 0xc0000e368c, 0x5dc, 0x0, 0xc0000e3360, 0xc0000e3354, 0x50, 0x5dc, 0x0)
/usr/local/go/src/syscall/asm_linux_amd64.s:44 +0x5
syscall.recvfrom(0x5, 0xc0000e368c, 0x5dc, 0x5dc, 0x0, 0xc0000e3360, 0xc0000e3354, 0xffffffffffffffff, 0xc0000e3378, 0x42c27a)
/usr/local/go/src/syscall/zsyscall_linux_amd64.go:1618 +0xa3
syscall.Recvfrom(0x5, 0xc0000e368c, 0x5dc, 0x5dc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xd43a80, 0xfc6620)
/usr/local/go/src/syscall/syscall_unix.go:273 +0xaf
internal/poll.(*FD).ReadFrom(0xc000094280, 0xc0000e368c, 0x5dc, 0x5dc, 0x0, 0x0, 0x0, 0x0, 0x0)
/usr/local/go/src/internal/poll/fd_unix.go:215 +0x13e
net.(*netFD).readFrom(0xc000094280, 0xc0000e368c, 0x5dc, 0x5dc, 0xc0000e3588, 0x5b3abb, 0xc000094200, 0xc0000e368c, 0x50)
/usr/local/go/src/net/fd_unix.go:208 +0x5b
net.(*UDPConn).readFrom(0xc00009e248, 0xc0000e368c, 0x5dc, 0x5dc, 0x50, 0x0, 0x0, 0xbae54185f3812601)
/usr/local/go/src/net/udpsock_posix.go:47 +0x6a
net.(*UDPConn).ReadFromUDP(0xc00009e248, 0xc0000e368c, 0x5dc, 0x5dc, 0xc00010b920, 0x50, 0x0, 0x0)
/usr/local/go/src/net/udpsock.go:109 +0x5d
main.receiveFromClient(0xc00009e248, 0xc00009e240, 0xc00010b920)
/home/travis/build/porech/engarde/cmd/engarde-server/main.go:138 +0x79
main.main()
/home/travis/build/porech/engarde/cmd/engarde-server/main.go:125 +0x4ef
engarde-server ver. 996e6b3 (master)
time="2019-11-29T22:13:01+01:00" level=info msg="Listening on 0.0.0.0:59402"
time="2019-11-29T22:13:28+01:00" level=info msg="New client connected: '192.145.56.17:60386'"
time="2019-11-29T22:13:31+01:00" level=info msg="New client connected: '62.131.70.190:35177'"
root@redundant:~#
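The `fatal error: concurrent map iteration and map write` in the trace above is the Go runtime aborting the whole process because one goroutine ranged over a map while another wrote to it; it cannot be recovered, so every tunnel on the server drops. The following is an added example, not engarde's own code (`clientTable`, `touch`, `sweep` and `stress` are hypothetical names, and the clock and addresses are constructed), showing a client table guarded by a mutex under the same access pattern as the log.

```go
package main

import (
	"fmt"
	"net"
	"sync"
	"time"
)

// clientTable is a hypothetical stand-in for the server's map of client
// addresses; none of these names come from engarde's source.
type clientTable struct {
	mu       sync.Mutex
	lastSeen map[string]time.Time // keyed by "ip:port"
}

func newClientTable() *clientTable {
	return &clientTable{lastSeen: make(map[string]time.Time)}
}

// touch is the write side (the goroutine reading packets from clients): it
// records a packet from addr and reports whether the client is new.
func (t *clientTable) touch(addr *net.UDPAddr, now time.Time) bool {
	key := addr.String()
	t.mu.Lock()
	defer t.mu.Unlock()
	_, known := t.lastSeen[key]
	t.lastSeen[key] = now
	return !known
}

// sweep is the iterating side (the goroutine fanning replies out to clients):
// under the lock it drops timed-out clients and copies the live addresses,
// so socket writes can happen after the lock is released.
func (t *clientTable) sweep(now time.Time, timeout time.Duration) (live, expired []string) {
	t.mu.Lock()
	defer t.mu.Unlock()
	for key, seen := range t.lastSeen {
		if now.Sub(seen) > timeout {
			delete(t.lastSeen, key) // deleting during range is allowed
			expired = append(expired, key)
			continue
		}
		live = append(live, key)
	}
	return live, expired
}

// stress mirrors the log: one source IP arriving from ever-changing ports
// while another goroutine iterates the table. Without the mutex the runtime
// can abort with the fatal error shown in the report.
func stress(writers, perWriter int) (live, expired int) {
	t0 := time.Date(2019, 11, 29, 22, 7, 0, 0, time.UTC) // constructed clock
	timeout := 30 * time.Second
	table := newClientTable()
	done := make(chan struct{})
	var reader, wg sync.WaitGroup
	reader.Add(1)
	go func() {
		defer reader.Done()
		for {
			select {
			case <-done:
				return
			default:
				table.sweep(t0, timeout)
			}
		}
	}()
	for w := 0; w < writers; w++ {
		wg.Add(1)
		go func(w int) {
			defer wg.Done()
			for i := 0; i < perWriter; i++ {
				addr := &net.UDPAddr{IP: net.IPv4(192, 0, 2, 10), Port: 10000 + w*perWriter + i}
				table.touch(addr, t0)
			}
		}(w)
	}
	wg.Wait()
	close(done)
	reader.Wait()
	addrs, _ := table.sweep(t0, timeout)
	_, gone := table.sweep(t0.Add(timeout+time.Second), timeout)
	return len(addrs), len(gone)
}

func main() {
	live, expired := stress(4, 500)
	fmt.Printf("live=%d expired=%d\n", live, expired)
}
```

Running it under `go run -race` confirms that no unsynchronised map access remains.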
Hi! Just noticed (maybe) a small bug, not exactly sure.
I excluded an interface yesterday and an hour later re-included it.
Now I look today it was included but says xxxxx seconds not received any data (basically 12 ish hours or so), so I excluded and reincluded it just now and it just works fine again instantly.
Maybe there is some small bug that not always properly saves the new state through the API?
No response from engarde.linuxzogno.org
This is Google's cache of https://engarde.linuxzogno.org/builds/testing/update-ng-9/windows/. It is a snapshot of the page as it appeared on 1 Jan 2022 11:34:05 GMT.
Hello, I was trying to test engarde but I can't manage to get it work:
root@vultr:~# ./engarde-server
engarde-server ver. 816a73e (master)
INFO[0000] Listening on 0.0.0.0:59402
INFO[0000] Management webserver listening on 0.0.0.0:9001
INFO[0052] New client connected: 'xxx.xxx.xxx.xxx:57702'
INFO[0052] New client connected: 'xxx.xxx.xxx.xxx:20084'
INFO[0102] Client 'xxx.xxx.xxx.xxx:57702' timed out
INFO[0102] Client 'xxx.xxx.xxx.xxx:20084' timed out
This is my WireGuard server config file:
[Interface]
Address = 10.200.200.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE; ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE; ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o ens3 -j MASQUERADE
ListenPort = 51820
PrivateKey = xxx
[Peer]
PublicKey = xxx
AllowedIPs = 10.200.200.2/32
And this is my WireGuard client config file:
[Interface]
PrivateKey = xxx
Address = 10.200.200.2/24
DNS = 1.1.1.1
[Peer]
PublicKey = xxx
AllowedIPs = 10.200.200.0/24
Endpoint = 127.0.0.1:59401
PersistentKeepalive = 25
And this is my engarde.yml:
client:
  listenAddr: "127.0.0.1:59401"
  dstAddr: "xxx.xxx.xxx.xxx:59402"
  excludedInterfaces:
    - "Ethernet 3"
    - "Vultr-Miami"
    - "vEthernet (DockerNAT)"
    - "vEthernet (Default Switch)"
    - "Loopback Pseudo-Interface 1"
  webManager:
    listenAddr: "0.0.0.0:9001"
    username: "engarde"
    password: "engarde"
server:
  listenAddr: "0.0.0.0:59402"
  dstAddr: "127.0.0.1:51820"
  clientTimeout: 30
  webManager:
    listenAddr: "0.0.0.0:9001"
    username: "engarde"
    password: "engarde"
Without engarde I can ping my server at 10.200.200.1 but when I set the Endpoint to 127.0.0.1:59401 I can no longer ping it.
Sometimes the server detects the client addresses, but I have to reset my WireGuard client and the engarde client multiple times for some reason...
I am currently using Windows, but I don't believe that is the issue here.
Is there something that I missed on my setup? I want to tunnel everything through WireGuard but when I change AllowedIPs to 0.0.0.0/0 I lose my internet connection.
Sorry for my noob question, I am kind of new to WireGuard.
Anyway, thanks for your effort making this program. I wanted to do something similar but then I discovered this.
First of all, amazing job on creating this functionality. Thank you so much!!
In the docs you have mentioned that multiple engarde clients will need to connect to multiple engarde server instances as of now. Combining this is a WIP.
Any specific timeframe for this :)
Errors in send or receive on UDP are never checked. A sending routine should be destroyed and re-created every time a UDP error occurs, because a UDP error can occur only when the socket becomes invalid.
Hi ale-rinaldi,
First of all thank you so much for your wonderful project.
I am trying this on
engarde server on Ubuntu VPS
engarde client on Windows 10
Whatever I try I see internet becoming dead slow after injecting engarde.
Otherwise WireGuard alone works fine.
The installation guide is not clear to understand.
But somehow understood the flow and started.
Btw, can we use this for live video streaming ?
Hello, first - thanks for this great project, it works awesome!
And small question - how to build client and server with builtin webserver? I can build client and server, but they are without built in webmanager (404 error), official build do include webmanager in single binary file...
Thanks a lot!
tool: engarde-server
version: latest (github)
platform: Linux (Ubuntu Server 18.04)
issue: if a configuration file is created, it could have no "server" section and still it will start and listen to nothing.
details:
./engarde-server
INFO[0000] Listening on
expected behaviour: it should exit with an error code like when no configuration file is found
Images in the README file are unreachable after tinypic shutdown. We need to upload them somewhere else and change the reference.
engarde-client is not correctly handling multiple networking devices on Linux systems. It gives out no errors, but the transmission on an interface which is not the first will fail.
Hello I was wondering if you could add a "classic" Bonding mode as you discussed on lowendtalk,
let me know as I would love to test
Display a clear, terrifying alert if someone tries to exclude the only active interface. The alert should clearly explain that the tunnel WILL go down FOR SURE, and ask if the user is REALLY REALLY sure about it. Maybe we should block the attempt at all?
Having a bit of an issue and I'm unable to debug what's wrong.
My connections are an ethernet Lan cable and a WiFi from a phone hotspot.
Engarde is on via TUNSafe.
I'm using this config to do a livestream with OBS.
When I unplug the Lan cable, the livestream continues, albeit with a slight drop in bitrate (because of the WiFi bandwidth).
I plug the Lan back in, and turn off the data on my phone. (So the laptop is still connected to the hotspot, but no data will go through). The livestream continues (via Lan). Strangely, the Windows Performance tab continues to show data going through WiFi! Though it seems to be a replica of the Lan graph. Engarde's web console shows only Ethernet connected. The WiFi connection shows no packets going through.
However, if I disable the hotspot on my phone, the livestream bitrate drops to zero for a few seconds, before coming back up again. I'm guessing OBS or engarde or something assumes the connection went down.
Not sure why this would happen, especially considering that just turning off the data on my phone doesn't have this effect.
Configs are as below:
TUNSAFE
[Interface]
PrivateKey = **
Address = 192.168.2.2/24
DNS = 1.1.1.1
MTU = 1360
[Peer]
PublicKey = **
AllowedIPs = 0.0.0.0/0
Endpoint = 127.0.0.1:54320
ENGARDE
client:
  description: "My engarde-client instance"
  listenAddr: "127.0.0.1:54320"
  dstAddr: "34.87.166.121:54321"
  excludedInterfaces:
    - "Local Area Connection* 1"
    - "Local Area Connection* 2"
    - "Ethernet 2"
    - "GCPMumbai"
    - "Bluetooth Network Connection"
    - "Loopback Pseudo-Interface 1"
  dstOverrides: []
  webManager:
    listenAddr: "0.0.0.0:9001"
    username: "engarde"
    password: "engarde"
server:
  description: "My engarde-server instance"
  listenAddr: "0.0.0.0:54321"
  dstAddr: "127.0.0.1:54320"
  clientTimeout: 30
  writeTimeout: 10
  webManager:
    listenAddr: "0.0.0.0:80"
    username: "engarde"
    password: "engarde"
There's no reason why client and server should be two different executables. Also, there's no reason why a single process can hold only a single configuration.
It would be more comfortable to be able to insert multiple configurations into the same YML file, and run them together into the same process. Each config would have a "type" parameter to specify if it's client or server.
For example:
pcToServer:
  type: client
  description: "I am the first client"
  listenAddr: "127.0.0.1:59402"
  dstAddr: "203.0.113.1:59401"
  webManager:
    listenAddr: "0.0.0.0:9001"
pcToAnotherServer:
  type: client
  description: "I am the second client"
  listenAddr: "127.0.0.1:59402"
  dstAddr: "203.0.113.2:59401"
  webManager:
    listenAddr: "0.0.0.0:9002"
iAlsoActAsServer:
  type: server
  description: "This time, I am a server"
  listenAddr: "0.0.0.0:59501"
  dstAddr: "127.0.0.1:59301"
  webManager:
    listenAddr: "0.0.0.0:9003"
To keep compatibility with the current config file, a configuration named "client" would automatically set its type as client, and a configuration named "server" would automatically set its type as server.
This issue is also a discussion point to evaluate the feature: if you feel like this could break your workflow, or that there's a better way to handle this, let's talk about it!
Hi, do you think could be possible to add bonding capabilities to engarde? What do you think about this code?
Server:
package main

// Imports this sketch needs. log.Warn is not part of the standard library
// "log" package; logrus provides it.
import (
	"net"

	log "github.com/sirupsen/logrus"
)

// Define a struct for storing bonded interfaces
type BondedInterfaces struct {
	Interfaces []*net.UDPConn
}

// Initialize bonded interfaces
var bondedInterfaces BondedInterfaces

// Function to bond multiple network interfaces
func bondInterfaces() {
	// Add code to initialize and bind multiple network interfaces
	// For example, iterate through available interfaces and create UDP connections
	// Store these connections in bondedInterfaces.Interfaces slice
}

// Function to distribute outgoing traffic across bonded interfaces
func distributeTraffic(data []byte) {
	// Iterate through bonded interfaces and send data over each interface
	for _, conn := range bondedInterfaces.Interfaces {
		_, err := conn.Write(data)
		if err != nil {
			log.Warn("Error writing to bonded interface:", err)
		}
	}
}

// Modify main function to include bonding
func main() {
	// Initialize bonded interfaces
	bondInterfaces()
	// Add other existing logic...
	// Modify the existing send function to distribute traffic
	go receiveFromClientBonded(ClientSocket, WireguardSocket, WireguardAddr)
}

// Modify existing send function to include bonding capabilities
func receiveFromClientBonded(socket, wgSocket *net.UDPConn, wgAddr *net.UDPAddr) {
	buffer := make([]byte, 1500)
	for {
		// The source address is discarded: an unused variable does not compile in Go
		n, _, err := socket.ReadFromUDP(buffer)
		if err != nil {
			log.Warn("Error reading from client")
			continue
		}
		// Copy the packet first: buffer is overwritten by the next read while
		// the goroutine below may still be sending it
		packet := make([]byte, n)
		copy(packet, buffer[:n])
		// Distribute traffic across bonded interfaces
		go distributeTraffic(packet)
	}
}
Client:
package main

// Imports this sketch needs. log.Warn is not part of the standard library
// "log" package; logrus provides it.
import (
	"net"

	log "github.com/sirupsen/logrus"
)

// Modify main function to include bonding
func main() {
	// Initialize bonded interfaces
	bondInterfaces()
	// Add other existing logic...
	// Modify the existing receive function to handle bonded interfaces
	go receiveFromWireguardBonded(WireguardSocket, &WireguardAddr)
}

// Modify existing receive function to handle bonded interfaces
func receiveFromWireguardBonded(wgsock *net.UDPConn, sourceAddr **net.UDPAddr) {
	buffer := make([]byte, 1500)
	for {
		n, srcAddr, err := wgsock.ReadFromUDP(buffer)
		if err != nil {
			log.Warn("Error reading from Wireguard")
			continue
		}
		*sourceAddr = srcAddr
		// Send received data to client application
		sendToClientBonded(buffer[:n])
	}
}

// Function to send data to client application over bonded interfaces
func sendToClientBonded(data []byte) {
	// Add code to send data to client application over bonded interfaces
	// For example, distribute data across bonded connections
}