On 09/12/2024 12:31, Matthieu Baerts wrote:
On 09/12/2024 11:58, Antonio Quartulli wrote:
On 09/12/2024 11:46, Matthieu Baerts wrote:
Hi Antonio,
Thank you for working on this, and sharing your work here!
On 05/12/2024 00:09, Antonio Quartulli wrote:
On 04/12/2024 23:52, Antonio Quartulli wrote:
Paolo,
On 04/12/2024 12:15, Antonio Quartulli wrote: [...]
>> + mutex_lock(&tcp6_prot_mutex); >> + if (!ovpn_tcp6_prot.recvmsg) >> + ovpn_tcp_build_protos(&ovpn_tcp6_prot, &ovpn_tcp6_ops, >> + sock->sk->sk_prot, >> + sock->sk->sk_socket->ops); >> + mutex_unlock(&tcp6_prot_mutex); > > This looks like an hack to avoid a build dependency on IPV6, I think > the > explicit
I happily copied this approach from espintcp.c:espintcp_init_sk() :-D
> > #if IS_ENABLED(CONFIG_IPV6) > > at init time should be preferable
To get this done at init time I need inet6_stream_ops to be accessible, but it seems there is no EXPORT_SYMBOL() for this object.
However, I see that mptcp/protocol.c is happily accessing it. Any clue how this is possible?
I answer myself: mptcp is not tristate and it can only be compiled as built-in.
Indeed, that's why.
Talking about MPTCP, by chance, do you plan to support it later on? :)
Hi Matthieu,
It is not on our current roadmap (TCP doesn't get much love in the VPN world), but I agree it could be an interesting option to explore!
I understand, it makes sense not to recommend using TCP for the transport layer for tunnelling solutions.
I have to admit that I haven't played much with MPTCP myself yet, but I am more than happy to talk about potential advantages for the ovpn use case.
Some people told me they were interested in using OpenVPN with MPTCP to use multiple (low-capacity) network links at the same time. I think intercepting and proxying TCP traffic would always be the best in terms of performances, but using OpenVPN with MPTCP seems to be enough for some, especially when they want to "improve" some type of UDP traffic that cannot be intercepted: QUIC, VPN, etc.
I don't have numbers to share, but I can understand this feature can help in some cases.
Yeah, some people may definitely benefit from this feature. I'll have a look at MPTCP once ovpn is merged.
(This reminds me this: https://github.com/OpenVPN/ovpn-dco/issues/60) (and this: https://github.com/arinc9/openvpn/pull/1)
Right, this definitely shows some interest and it means we should easily find people willing to test :-)
Regards,