-
-
Notifications
You must be signed in to change notification settings - Fork 250
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
UDP client traffic exhibits very low performance/does not aggregate #3067
Comments
UDP will always be slower than TCP for now. There is no good way to aggregate UDP traffic (I'm open if you know something). |
Thank you for getting back to me so quickly. I really appreciate your work. I have tried the 6.1 kernel version for this release, and it is giving me trouble. On a different virtualized omr on the same hardware node that is running the 5.4 kernel omr referenced in this ticket (and of course using a different VPS) using the same WANs you see above it does not connect with mptcp, at all, and fails MPTCP Support Check. So, clearly that issue is not the local hardware/network or the WANs. I am in the process of investigating that further. I test aggregation for UDP traffic by observing bandwidth consumption. The non-aggregated UDP traffic will use, say, 30 Mbps on the master WAN and the traffic on the other two WANs is ~0. When the UDP traffic is aggregated, I will see 6-8 Mbps on each WAN for about 20 Mbps on speedtest. Now, that same VPN client traffic to the same OpenVPN server via TCP will use 60-70 Mbps on all three WANs, for a total of 150+ Mbps used on the OMR proxy (*initially, though after an hour or two it typically disaggregates one or two WANs and the disaggregated WANs show ~0 traffic again, as per #2936). So initially the TCP-based VPN clients can get, say, 100 Mbps but after a few hours, after one or more WANs are dropped from aggregation for that ongoing connection, (but the WANs still show a green check in status) the client VPNs won't get more than ~30 Mbps until the OpenMPTCPRouter Settings Wizard "Save & Apply" is clicked and the client VPNs are reconnected. Then it's back to fully aggregated speed until it falls apart again. UDP performance wouldn't be as high of a priority for me if TCP disaggregation could be prevented/recovered from without requiring kicking omr + client vpns multiple times a day (which necessitates logging back into multiple end user apps, etc). |
For 6.1, server part must also be installed with 6.1 VPS script. As 5.4 will go legacy (not my fault, it's a nightmare to maintain an old kernel...), changes will only be made on 6.1. |
Yes, for that, a brand new 6.1 VPS was installed using the I am in the process of creating another VPS w/ 6.1 to test. I am not versed in history of MPTCP, but when I skimmed their site it seemed to me the version that was included in the mainline kernel appears to be missing some features, and I wondered if it were as robust (especially after the MPTCP Support Check failure). Makes sense to stop supporting the old version though. |
Use snapshot instead of beta for both router and GPS, I fixed many issues since beta. |
Great, thank you, I will try that. Will the snapshot vps script also perform the debian 11=>12 upgrade? Is it acceptable to start with a VPS on debian 12, or does the script expect to perform upgrade operations? |
The snapshot script upgrade to Debian 12 is needed, better to start directly on Debian 12 if available. |
Hi @Ysurac where can I find the snapshot for both OMR and VPS? Do you have any change log so far on the snapshot? |
You can find all here: https://github.com/Ysurac/openmptcprouter/wiki/Snapshots |
I tried to use the following in Hyper-V Gen 2 This won't boot at all. Do you know why? |
You have a UEFI boot ? |
I got it working now, I need to change the boot order to boot from HDD as it was trying to boot from bunch of virtual NIC |
As it's new, you have to test what work best in your case. |
In the past that UDP works on V2RAY, but not for long then it would break again until I have to press "save & apply" button in wizard configuration. With this new version, is there any improvement? |
I tried all V2RAY and X2RAY, none of them can work with UDP very well. I am using one of my voip provider to make phone call it won't work. The workaround is to establish L2TP VPN over OMR, then the voip is working. However they don't seem to recovery connection if I disconnect and reconnect the multiple WAN alternatively. Another thing I noticed that only OpenVPN TCP is working for UDP if I am using shadowsocks, the glory tun, MLVPN and DSVPN not working I am using the snapshot with 6.1 kernel, on x86 Hyper-V environment |
That sounds like #2936. |
Okay, back to testing this, now on a 6.1-based OMR. XRay Shadowsocks 2022 does not aggregate UDP. During speedtests performed on a client device UDP-based VPN, OMR bandwidth page shows traffic only on master WAN and ~0 traffic on the other two WANs. Ignorant question: would something like udp2tcp provide simpler UDP traffic tunneling over an MPTCP stream, and thus higher bandwidth aggregation? None of the VPN options in OMR I've tried seem to aggregate well. |
XRay-Shadowsocks 2022 use Shadowsocks 2022 that is a socks 5 proxy, UDP is not over TCP so this is not aggregated or need to use a VPN. |
Thanks for the explanation. I am confused by what was meant by this comment:
If Xray-Shadowsocks 2022 does not aggregate UDP, then which V2Ray or XRay methods do aggregate UDP? |
As indicated in the wizard, XRay/V2Ray VLESS, VMESS and Trojan protocols can aggregate UDP as they are doing UDP over TCP. |
Thanks. Okay, I set VPN to None and then tested V2Ray/XRay Trojan, VMESS, and VLESS (+ VLESS Reality). Unfortunately, no UDP aggregation: i.e. master WAN exhibiting 80-100 Mbps down and the other two WANs exhibiting ~30 Kbps. Similar non-aggregation on upload. |
You have enabled "V2Ray/XRay UDP" in "Advanced settings" tab in System->OpenMPTCProuter ? It's disabled by default. |
Ah, thank you. That does aggregate now. Unfortunately, the aggregated UDP XRay (etc) performance from using all 3 WANs is less than half of using XRay (etc) in the non-aggregated state where it routes all traffic via master WAN. That is to say, my client device UDP VPN client can get ~140 Mbps down in non-aggregated V2Ray/XRay, where all traffic goes via master WAN, but when UDP is enabled it drops to ~50 Mbps total (though that traffic is spread over all 3 WANs). Is this the expected result/fundamental limitation, or does this seem like it could be tuned for improvement? |
unfortunately, UDP is currently well known not to be able to achieve
aggregated speed
Might need to use different solutions to solve UDP, like utilizing TCP
tunnel for UDP traffic
…On Wed, Jan 3, 2024, 7:15 AM xzjq ***@***.***> wrote:
Ah, thank you. That does aggregate now. Unfortunately, the aggregated UDP
XRay (etc) performance from using all 3 WANs is less than half of using
XRay (etc) in the non-aggregated state where it routes all traffic via
master WAN.
That is to say, my client device UDP VPN client can get ~140 Mbps down in
non-aggregated V2Ray/XRay, where all traffic goes via master WAN, but when
UDP is enabled it drops to ~50 Mbps total (though that traffic is spread
over all 3 WANs).
Is this the expected result/fundamental limitation, or does this seem like
it could be tuned for improvement?
—
Reply to this email directly, view it on GitHub
<#3067 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ALYEL6RNKI54DFUXU4OOD43YMSIJNAVCNFSM6AAAAABAL4FAWCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNZUGY3TIMZSGI>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
It seems that VMESS/VLESS are tunneling UDP over TCP when configured this way, and thus could attain MPTCP aggregated speed. However, given that the total aggregated speed of the three WANs in this case is ~1/3 of the non-aggregated master WAN, this is not a benefit. It isn't clear whether this is a structural issue of UDP over TCP on VMESS/VLESS, etc, or if there is a need for optimization with my configuration. |
hello everyone. |
In general, OMR only benefits clients that are using native TCP traffic. Generally speaking, all other types of traffic (e.g. UDP) pay a significant performance-reducing penalty compared to just using a single one of the WANs directly. I suppose YMMV in edge cases such as if all your WANs are terrible. If you have a firewall, you could consider only routing TCP traffic via OMR and routing UDP traffic via your best individual WAN for that (which may or may not be your OMR master WAN). |
There is this but it looks unmaintained. https://github.com/greensea/mptunnel |
Hi, It seems that the current UDP aggregation solutions, including V2Ray and Glorytun TCP, are not performing well. Could anyone provide insights into why these methods might not be achieving optimal results? Additionally, I am considering implementing an MPQUIC-based protocol (e.g., XQUIC ) as a VPN solution to improve UDP traffic aggregation. I would appreciate any thoughts on whether this could be a viable and effective approach. Best, |
XRay or V2Ray with UDP proxy enabled are sometimes better then the VPNs. All these are UDP over TCP, it's far from ideal. XQUIC doesn't provide a real VPN, else I would implement it. If you develop a working VPN based on a library that support Mutlipath Quic, I would then be happy to add it in OpenMPTCProuter. XRay and V2Ray are using Quic-Go that doesn't provide Multipath Quic support (only a very old fork using an old draft of Multipath Quic exist...), else this can be cool if they have this support... |
Expected Behavior
UDP traffic from clients can aggregate bandwidth to achieve performance greater than a single WAN, as TCP traffic does.
Current Behavior
UDP traffic from clients is generally far lower than even a single WAN.
Discussion:
Various clients on the network use VPNs that are configured to send traffic via UDP. Speeds are very slow compared to TCP based traffic. For example, a client using OpenVPN via TCP might reach 150 Mbps / 10 Mbps (down/up), but switching it to UDP reduces this performance by approximately an order of magnitude (*if aggregated)
If using shadowsocks/glorytun TCP, aggregation will work at this substantial speed penalty, which is slower than any individual WAN.
If switched to v2ray (as per optimization guide) the UDP traffic only uses a single interface (the master); ironically, this is faster than the aggregated UDP performance. Again, both of these scenarios are substantially slower than WAN-aggregated TCP-based traffic.
I have tried various permutations of shadowsocks/v2ray vless/v2ray vmess & OMR vpns (including none). Overall, the issue seems very similar to #2366.
Using TCP-based VPNs on the clients is not ideal, not least because long-running TCP connections disaggregate as well, e.g. #2936, which requires the client device TCP VPNs to be reset multiple times a day to restore multipath-aggregated performance.
Specifications
The text was updated successfully, but these errors were encountered: