doc:uci:mptcp

Differences

This shows you the differences between two versions of the page.

doc:uci:mptcp [2014/08/04 10:47]
xedp3x
doc:uci:mptcp [2015/06/08 21:48] (current)
Torrentus Corrected typo's and grammatical errors
Line 1: Line 1:
-====== ​Disclaimer ​======+====== ​MultipathTCP and OpenWRT ​====== 
 + 
 +This page discusses the MultipathTCP support in OpenWRT. 
 + 
 +===== Disclaimer ===== 
 **this is not part of the trunk jet** **this is not part of the trunk jet**
-clone it form https://​github.com/​xedp3x/​openwrt if you like.+ 
 +Clone the multipath TCP capable kernel from https://​github.com/​xedp3x/​openwrt if you like.
  
 ===== Multipath TCP ===== ===== Multipath TCP =====
  
-Multipath TCP (MPTCP) is an effort towards enabling the simultaneous use of several IP-addresses/​interfaces by a modification of TCP that presents a regular TCP interface to applications,​ while in fact spreading data across several subflows. Benefits of this include better resource utilization,​ better throughput and smoother reaction to failures+Multipath TCP (MPTCP) is an effort towards enabling the simultaneous use of several IP-addresses/​interfaces by a modification of TCP that presents a regular TCP interface to applications,​ while in fact spreading data across several subflows. Benefits of this include better resource utilization,​ better throughput and smoother reaction to failures.
  
-You have to install on both devices ​the patches KernelFor PCs see at [[http://​multipath-tcp.org]]+You have to install ​the patched kernel ​on both devices ​that are involved in a Multipath TCP connection 
 +If these devices are PC's more info can be found at [[http://​multipath-tcp.org]]
  
-If you PC and Server have connection your router ​can'​t ​use the mptcp protocol. ​You have to solutions:​ +If your PC and Server have an ordinary TCP-connectionyour router ​cannot ​use the MPTCP-protocol ​by default 
-  * use a proxy on the router +To make it work, you have two possible ​solutions:​ 
-  * use a VPN to an endpoint with faster network. ​So you can use all uplinks for all traffic ​inclusive ​to a unpatched Server.+  * Use a proxy on the router 
 +  * Use a VPN to an endpoint with faster network. ​In this way, you can use all uplinks for all traffic, even trafic ​to a non-MPTCP-server.
  
 ==== Build image ==== ==== Build image ====
-**MP-TCP ​work with a patched kernel.** +**MP-TCP ​works with a patched kernel.** 
-See [[doc/​howto/​build]] for a better manual. +See [[doc/​howto/​build]] for a better manual ​on how to compile your own version of OpenWRT
-  - clone the repo + 
-  - load the feeds + - clone the repo 
-  - make menuconfig + 
-    - select your device + - load the feeds 
-    - select the '​mptcp'​ package + 
-  - make kernel_menuconfig + - make menuconfig 
-    - on the top is written ​the kernel version. Only 3.10.x and 3.14.x are supported +  - select your device 
-    - activate mptcp +  - select the '​mptcp'​ package 
-  - make+  ​- //It is useful to also compile OpenVPN and it's dependencies and possible other packages that you plan to use in this step. // 
 + - make kernel_menuconfig 
 +  - on the top the kernel version ​is shown. Only version ​3.10.x and 3.14.x are supported. 
 +  - activate mptcp 
 + - make
  
-==== Configurat ​==== +  
-mp-tcp are running without any config. But to use it with multiple interfaces on you device you have to configure ​the interfaces.+==== Configuration ​==== 
 +MPTCP is running without any configuration. But if you want to use it with multiple interfaces on your device you have to configure ​these interfaces.
  
 To enable the scripts call To enable the scripts call
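Review bot: The revision is described as a typo and grammar fix, but the new VPN bullet introduces "trafic" (should be "traffic"), and the unchanged disclaimer line still reads "this is not part of the trunk jet" ("yet"). "PC's" and "it's dependencies" in the added lines should be "PCs" and "its dependencies". In the build steps, the top-level items now appear with a single space of indent and blank lines between them; DokuWiki ordered lists need at least two spaces of indent, so the numbered list and its nested sub-steps may stop rendering as one list. Suggest keeping the original two-space indent without the blank lines.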
Line 35: Line 48:
   uci set network.<​name>​.multipath=<​option>​   uci set network.<​name>​.multipath=<​option>​
  
-There are the following options:+Here you can choose one of the following options:
 | on | No special config | | on | No special config |
 | master | Like "​on"​ but also set the default route for all other traffic (**use it for one interface!**) | | master | Like "​on"​ but also set the default route for all other traffic (**use it for one interface!**) |
Line 42: Line 55:
 | handover | Establish a connection only if no other interface available (slower switch but normally none traffic) | | handover | Establish a connection only if no other interface available (slower switch but normally none traffic) |
  
-submit you change ​with: +Save your changes ​with: 
-  uci commit +  ​uci commit 
-  /​etc/​init.d/​network restart+  ​/​etc/​init.d/​network restart
  
-The script ​generate ​multiple default routes in different tables and rules. ​That my makes problems with other packages. I'm sure that it will **not work with multiwan**+The script ​generates ​multiple default routes in different tables and rules. ​These may make problems with other packages. I'm sure that it will **not work with multiwan**
  
 ==== Test ==== ==== Test ====
  
-you can see all connection ​by:+you can see all current connections ​by using:
   multipath -c   multipath -c
  
-If you have installed the patched net-tools on you pc you can see it in a better way by+If you have installed the patched net-tools on your pc you can see MPTCP'​s behaviour ​in a better way by using
   netstat -m   netstat -m
-The patch are not portet ​to this repo jet.+   
 +The patched version of netstat is not yet ported ​to this repo yet.
  
 ===== VPN Example ===== ===== VPN Example =====
-This is an example for an VPN over 2 WAN connections. ​I route the whole network to the VPN endpoint and do the NAT ther. So I need a back route from there.+This is an example for VPN over 2 WAN connections. ​It routes ​the entire ​network to the VPN endpoint and sends the data to the internet there, consequently it needs a back route from there which is why you should (also) implement NAT on the remote side of the VPN tunnel.
  
-With this configuration ​you have no encryption on the VPN link. This is faster but it is not secure. ​Use only this if you don't need secure, for example if you have only traffic in the internet. +The following ​configuration ​has **no encryption** on the VPN link. This is faster but it is not secure. ​The configuration ​also updates ​the MAC address ​to prevent ​problems ​in case you have 2 ISP clients ​but the same address.
-also update ​the MAC address ​because you can get problems ​if you have 2 ISP clients ​with the same address.+
  
   network.globals.multipath=enable   network.globals.multipath=enable
 +  ​
   network.wan1=interface   network.wan1=interface
   network.wan1.proto=dhcp   network.wan1.proto=dhcp
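Review bot: The rewritten VPN paragraph ("The following configuration has **no encryption** on the VPN link") removes the old sentence "Use only this if you don't need secure, ..." instead of correcting it, so the page no longer says when an unencrypted tunnel is acceptable; suggest restoring that restriction in corrected wording. The new first sentence also reverses the original reasoning: the old text said NAT is done at the VPN endpoint and a back route is therefore needed, while the new text says a back route is needed "which is why" NAT should be implemented. Minor: "is not yet ported to this repo yet" has a doubled "yet", and "you can see all current connections" still starts in lower case.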
Line 69: Line 83:
   network.wan1.macaddr=XX:​XX:​XX:​XX:​XX:​01   network.wan1.macaddr=XX:​XX:​XX:​XX:​XX:​01
   network.wan1.multipath=master   network.wan1.multipath=master
 +  ​
   network.wan2=interface   network.wan2=interface
   network.wan2.proto=dhcp   network.wan2.proto=dhcp
Line 74: Line 89:
   network.wan2.macaddr=XX:​XX:​XX:​XX:​XX:​02   network.wan2.macaddr=XX:​XX:​XX:​XX:​XX:​02
   network.wan2.multipath=on   network.wan2.multipath=on
 +  ​
   network.tap1337=interface   network.tap1337=interface
   network.tap1337.proto=none   network.tap1337.proto=none
   network.tap1337.ifname=tap1337   network.tap1337.ifname=tap1337
 +  ​
   ​   ​
   firewall.@zone[1].name=wan   firewall.@zone[1].name=wan
Line 87: Line 104:
   firewall.@zone[2].network=tap1337   firewall.@zone[2].network=tap1337
   firewall.@zone[2].forward=ACCEPT   firewall.@zone[2].forward=ACCEPT
 +  ​
   firewall.@forwarding[0]=forwarding   firewall.@forwarding[0]=forwarding
   firewall.@forwarding[0].dest=vpn   firewall.@forwarding[0].dest=vpn
Line 93: Line 111:
   firewall.@forwarding[2].dest=lan   firewall.@forwarding[2].dest=lan
   firewall.@forwarding[2].src=vpn   firewall.@forwarding[2].src=vpn
 +  ​
   ​   ​
   openvpn.mptcp=openvpn   openvpn.mptcp=openvpn
Line 135: Line 154:
   ip route flush cache   ip route flush cache
  
-**Server ​Config**+**Server ​Configuration** 
 + 
 +OpenVPN
   port 1194   port 1194
   proto tcp   proto tcp
Line 149: Line 170:
   keepalive 10 120   keepalive 10 120
   ​   ​
-  #​comp-lzo ​        # Compression - must be turned on at both end+  #​comp-lzo ​        # Compression - must be turned on at both ends
   persist-key   persist-key
   persist-tun   persist-tun
Line 160: Line 181:
   up /​etc/​openvpn/​up.sh ​ # < Set the back route in this script.   up /​etc/​openvpn/​up.sh ​ # < Set the back route in this script.
  
-example ​of the server up.sh+Example ​of the server up.sh //(replace 192.168.1.0 with your own value)//.
   #!/bin/sh   #!/bin/sh
   #The client IPs are fixed in the ipp.txt   #The client IPs are fixed in the ipp.txt
   ip route add 192.168.1.0/​24 via 10.9.8.2 dev $1   ip route add 192.168.1.0/​24 via 10.9.8.2 dev $1
  
-Don'​t ​vergot the NAT at the Server. (google ​for examples "debain ​nat")+Don'​t ​forget to implement ​NAT at the Server. ​ 
 +// 
 +(for examples, browse ​"debian ​nat")//
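Review bot: The new hint on the up.sh example tells the reader to replace only 192.168.1.0, but the route line also hard-codes the gateway 10.9.8.2, which according to the script comment is the client IP fixed in ipp.txt; the hint should cover both values so that the back route matches the reader's own LAN subnet and VPN client address. In the NAT reminder the opening "//" now sits alone on its own line, which splits the italic span across a line break; put the whole "//(for examples, ...)//" remark on one line.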
doc/uci/mptcp.1407142061.txt.bz2 · Last modified: 2014/08/04 10:47 by xedp3x