OpenVPN ignores connected WiFi and uses cellular data

Post Reply
XU4MeuXb82E
OpenVpn Newbie
Posts: 5
Joined: Wed Jul 31, 2013 10:42 am

OpenVPN ignores connected WiFi and uses cellular data

Post by XU4MeuXb82E » Mon Aug 12, 2013 4:19 am

I discovered a problem about the VPN on demand / auto reconnect thing (not sure it is OpenVPN or iOS problem)

The VPN seems to ignore the connected Wifi connection, and keep using cellular data.

I discovered this by connecting my iPhone 5 with LTE to a super slow wifi network, and using auto-connect OpenVPN profile, which also routes all my iPhone traffic via the VPN server.

However, despite the super slow wifi network, the speed test (use speedtest app) of my iPhone 5 still reaches the LTE level, which is quite impossible. The only reason is that it is still using my LTE connection while I am connected to Wifi.

It happen when iOS / OpenVPN "auto reconnects" the VPN, this problem does not appear if I trigger the connection myself in OpenVPN or iOS Settings app.


The detail testing steps are as follow:

Pre-requisite:
a) OpenVPN server or client profile will route all traffics via VPN server: push "redirect-gateway" or redirect-gateway in client
b) OpenVPN Connect in iOS will reconnect itself
c) A wifi network with large speed difference with your iPhone
i) either a very slow one (ADSL connection)
ii) or a very fast one (Optic Fiber one which goes over 100Mbps and a fast router)


Testing steps:
1) Connect iPhone to WiFi
2) Connect iPhone to OpenVPN server
3) Do the speed test (take note that it is the WiFi speed)
4) Open Settings app, switch off WiFi
5) Switch on WiFi, connect back to the same WiFi network
6) Wait VPN auto-connect itself
7) Do the speed test again (take note that it is not the WiFi speed this time, it is your cellular data speed!)

XU4MeuXb82E
OpenVpn Newbie
Posts: 5
Joined: Wed Jul 31, 2013 10:42 am

Re: OpenVPN ignores connected WiFi and uses cellular data

Post by XU4MeuXb82E » Thu Aug 15, 2013 7:20 am

I checked server side log, in case of "auto reconnect" , iOS always reconnect via cellular network even when connected to a WiFi network.

Is this a bug in OpenVPN Connect app or iOS itself?

mwandelaar
OpenVPN Expert
Posts: 219
Joined: Mon Nov 23, 2009 8:24 pm

Re: OpenVPN ignores connected WiFi and uses cellular data

Post by mwandelaar » Thu Aug 15, 2013 9:12 am

Is this a bug in OpenVPN Connect app or iOS itself?
I guess in the iOS. Normal applications have no control over the routing and preferred interface. I think the OS remembers the earlier used interface and directs the traffic over there.
But this is only a guess, as i don't own an iOS device....

XU4MeuXb82E
OpenVpn Newbie
Posts: 5
Joined: Wed Jul 31, 2013 10:42 am

Re: OpenVPN ignores connected WiFi and uses cellular data

Post by XU4MeuXb82E » Thu Jan 02, 2014 1:39 am

Update:

Ignores the guessing part by reading speed difference, I can confirm this (even with latest iOS 7.0.4) from OpenVPN server side status log.

Even my iPhone is connected to Wi-Fi, OpenVPN Connect app still reconnect to the VPN via cellular connection, confirmed by reading server side status log.

jamesyonan
OpenVPN Inc.
Posts: 169
Joined: Thu Jan 24, 2013 12:13 am

Re: OpenVPN ignores connected WiFi and uses cellular data

Post by jamesyonan » Thu Jan 02, 2014 3:45 am

The basic approach used by OpenVPN Connect to switch between networks is this...

iOS sends "network reconfiguration events" to OpenVPN. A "network reconfiguration event" is a transition from network unavailable to available or vice versa. There are the three kinds of transitions:

1. unavailable -> available

2. available -> unavailable

3. available -> available

If OpenVPN is paused and (1) occurs, it will automatically reconnect.

If OpenVPN is connected and (2) occurs, it will pause the connection.

(3) means a transition from one kind of a network to another such as WiFi <-> cellular. In this case, OpenVPN will do a reconnect in 3 seconds on the active network.

Now whenever OpenVPN reconnects it does so on the current "active" network. iOS determines the active network by the way that it sets either the WiFi or cellular interface as the current default gateway. If you look at the routing table on an iOS device using a tool such as System Status, you will see that when multiple networks are available at the same time (such as WiFi and cellular), iOS will usually mark the lower priority interfaces with the RTF_IFSCOPE flag ("I") and the interface without this flag will be the dominant interface, where OpenVPN or other network apps like Safari will open connections on this interface by default. Normally, iOS considers WiFi to be a higher priority than cellular data, so if both are available, iOS usually sets the RTF_IFSCOPE flag on the cellular data interface to favor WiFi.

If you believe that OpenVPN is connecting on the wrong interface, it might be useful to take a screenshot of the routing table in System Status to see how iOS has ordered the priority of the interfaces.

There is a known issue in iOS 7 where OpenVPN will not automatically reconnect on cellular. We are working with Apple to resolve this particular issue.

Also, the upcoming OpenVPN 1.0.4 release adds a new setting to the Settings app under OpenVPN where you can choose the reconnection strategy:

Active (default) : When connected, always attempt to reconnect after network reconfiguration events.

Lazy : When connected, attempt to preserve existing connection during network reconfiguration events.

Disabled : Don't consider network state when initially connecting, and don't use network state changes to trigger pause/reconnect/disconnect behaviour.

1.0.1 -> 1.0.3 uses Active by default.

James

Post Reply