Implement the "Fast VPN mobility" features & saner pings

This is where we can discuss what we would like to see added or changed in OpenVPN.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
janedoe
OpenVpn Newbie
Posts: 2
Joined: Fri Mar 18, 2016 2:16 pm

Implement the "Fast VPN mobility" features & saner pings

Post by janedoe » Fri Mar 18, 2016 2:21 pm

Hi! First and foremost, it would be nice to implement WAN connection maintenance functionality as described in this paper (Essentially, a MOBIKE equivalent for openvpn, but simpler)
https://www.researchgate.net/publicatio ... i_hotspots

Good thing is that the paper authors already made the relevant modifications, so maybe they can be convinced to contribute the already existing code to OpenVPN project.

Second (partially related) - it would be nice to have some more client-side flexibility to ping, ping exit and the like parameters.
Many OpenVPN-based commercial providers set their pings too damn low which results in considerable battery drain on mobile (setting the keepalive clientside currently does nothing, since server pushes updated ping values... it would be nice to be able to configure things clientside more flexibly)

User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Implement the "Fast VPN mobility" features & saner pings

Post by Traffic » Fri Mar 18, 2016 2:36 pm

janedoe wrote:it would be nice to have some more client-side flexibility to ping, ping exit
The problem with this is that --keepalives (aka openvpn pings) are not echoed (replied to) like standard ICMP echo request.

If the server uses e.g --keepalive 30 60 and you setup your client (for battery saving) with something like e.g --ping 300 & --ping-restart 600 then the server will timeout your connection after 120 seconds of inactivity.

Another possible approach may be to contact your VPN provider and ask them to consider more battery friendly --keepalive values for their VPN ..

janedoe
OpenVpn Newbie
Posts: 2
Joined: Fri Mar 18, 2016 2:16 pm

Re: Implement the "Fast VPN mobility" features & saner pings

Post by janedoe » Fri Mar 18, 2016 4:03 pm

Good point.
Perhaps if one were to do the "Fast VPN mobility" thing anyways (which requires client and server modifications), one also implement a different "connection maintenance" logic for mobile users (I humbly think that a mobile-friendly logic would need to be more client driven, a-la "client negotiates with server how often the client will ping server, pings server at X interval, server knows when to wait for pings from this particular dude. If no pings arriving for N times X interval, server assumes something happened and timesout")

User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Implement the "Fast VPN mobility" features & saner pings

Post by Traffic » Fri Mar 18, 2016 4:08 pm

janedoe wrote:Perhaps if one were to do the "Fast VPN mobility" thing
I don't know enough to comment on that.
janedoe wrote:I humbly think that a mobile-friendly logic would need to be more client driven, a-la "client negotiates with server how often the client will ping server
This can be done now .. more or less .. but the server admin would have to implement the entire scheme .. the client could not implement it otherwise servers would be at considerable risk.

Post Reply