Re: Optional DNS-Check or Ping-test for the Android App

From: Fabian Schwamborn <fabian@familie-schwamborn.com>
To: David Cowden <dcow@eero.com>
Cc: wireguard@lists.zx2c4.com
Subject: Re: Optional DNS-Check or Ping-test for the Android App
Date: Wed, 16 Jan 2019 22:29:44 +0100	[thread overview]
Message-ID: <012090d9-5191-9741-12e0-bd7352307aa0@familie-schwamborn.com> (raw)
In-Reply-To: <CACN7iOBjmzC9Ft3JRObFFABuuAbdVjD7UkaXxYcXtLE9n4WKMw@mail.gmail.com>

[-- Attachment #1.1: Type: text/plain, Size: 2730 bytes --]

I think you misunderstood me. Most broadband providers don't offer fixed 
IPv4. Due to privacy considerations, even under IPv6 on normal 
connections, addresses will always change. (prefix) As soon as an 
address changes and my dynamic DNS system registers it, an IPsec or 
OpenVPN client on my phone can reconnect. (This happens once a week).
The Wireguard app simply lacks a monitor to see if the IP address has 
changed. Therefore a ttl in the DNS was introduced .... (After a 
registered loss of the connection - also shown in the log - no DNS 
request is executed and the tunnel breaks down permanently.)

I think these are the most common scenarios with OpenWRT routers ...

Having a DNS entry does not mean that it always points to a static ip, 
so when a tunnel disconnects, the Android-app itself (userspace) should 
handle this like many other existing VPN-Clients do by a re-query of the 
DNS entry...

My question is, is there any opinion on such an implementation? Should i 
try to implement it into the android app and provide the code? 
(Unfortunately i am not a good android app-developer)

Am 16.01.2019 um 21:57 schrieb David Cowden:
> You need to setup dns for your home site then use that to connect. Or 
> you need to synchronize the endpoint out of band. I can't imagine this 
> is something wg wants to tackle--this is a general problem all 
> software encounters.
>
> On Tue, Jan 15, 2019 at 10:52 PM Fabian Schwamborn 
> <fabian@familie-schwamborn.com <mailto:fabian@familie-schwamborn.com>> 
> wrote:
>
>     Hello,
>
>     I have a suggestion for improving the Android app or would like to
>     ask if such a change would be desirable in general (e.g. pull
>     request):
>
>     I'm using Wireguard as a connection between my home router and my
>     mobile phone, but unfortunately I don't have a fixed IP address.
>     As soon as the IP address changes, the app does not reconnect.
>     (Happens once a week)
>
>     Is it possible to integrate a function into the app, that pings
>     through the tunnel so that you can perform a keep-alive check and
>     reconnect the tunnel completely after a failure (including DNS
>     request)?
>
>     Is it conceivable, to implement a DNS-check function in the app?
>     (E.g. like the existing example DNS check script for Linux works?)
>
>     Then the app would have the same functionality as my previous
>     IP-Sec client. This would also allow better coverage of failover
>     IP scenarios.
>
>
>     Best Regards
>
>     Fabian
>
>     _______________________________________________
>     WireGuard mailing list
>     WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
>     https://lists.zx2c4.com/mailman/listinfo/wireguard
>

[-- Attachment #1.2: Type: text/html, Size: 4450 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard