This repository has been archived by the owner on Jun 3, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 3
Home
Chenyao Lou edited this page Jul 9, 2020
·
20 revisions
wg-mesh uses iptables connmark to track the connection originated from the local, so the connections on other non-wireguard devices will not be routed to the wireguard tunnel.
BBR allows the TCP quickly to bump the speed to the bandwidth limit resulted in the less first loading time when watching videos. BBR also does not prone to throttle in the lossy network. But some websites do not use BBR as the congestion control algorithm. To utilize BBR, iptables redirects all the TCP connections to a userspace proxy, which does useless forwarding but with "side-effecting" that converting the TCP congestion control to the BBR configured in the OS.
- 🛎️ Increase the limit of numbers of file descriptors. Should we disable
any_proxyby default? - 🛎️ Monitor
freedns-goandany_proxyand restart them in case of the crash - Now in some kernel versions, BBR may degrade the network performance. Try to identify those versions and automatically mask BBR configs. https://bbs.archlinux.org/viewtopic.php?id=234276. It is fixed in the default kernel of Ubuntu 20.04.
- Add a new function
lan_to_nat_gatewayfor the LAN devices whose gateway is awg-meshhost. So that it can bridge a physical router with the mesh network. - Implement the deployment script. Integrate it into CI/CD.
- Verify the validation/metrics in the mock network.
- 🛎️ go-any-proxy runs CPU at 100 percent on a Linux machine
- The wg disconnects randomly on a Linux machine and does not reconnect (I suspect that someone manually disconnected it)