Optional DNS-Check or Ping-test for the Android App

Optional DNS-Check or Ping-test for the Android App

[Fabian Schwamborn]

[-- Attachment #1.1: Type: text/plain, Size: 874 bytes --]

Hello,

I have a suggestion for improving the Android app or would like to ask 
if such a change would be desirable in general (e.g. pull request):

I'm using Wireguard as a connection between my home router and my mobile 
phone, but unfortunately I don't have a fixed IP address. As soon as the 
IP address changes, the app does not reconnect. (Happens once a week)

Is it possible to integrate a function into the app, that pings through 
the tunnel so that you can perform a keep-alive check and reconnect the 
tunnel completely after a failure (including DNS request)?

Is it conceivable, to implement a DNS-check function in the app? (E.g. 
like the existing example DNS check script for Linux works?)

Then the app would have the same functionality as my previous IP-Sec 
client. This would also allow better coverage of failover IP scenarios.


Best Regards

Fabian


[-- Attachment #1.2: Type: text/html, Size: 36549 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Optional DNS-Check or Ping-test for the Android App

[David Cowden]

[-- Attachment #1.1: Type: text/plain, Size: 1384 bytes --]

You need to setup dns for your home site then use that to connect. Or you
need to synchronize the endpoint out of band. I can't imagine this is
something wg wants to tackle--this is a general problem all software
encounters.

On Tue, Jan 15, 2019 at 10:52 PM Fabian Schwamborn <
fabian@familie-schwamborn.com> wrote:

> Hello,
>
>
>
> I have a suggestion for improving the Android app or would like to ask if
> such a change would be desirable in general (e.g. pull request):
>
> I'm using Wireguard as a connection between my home router and my mobile
> phone, but unfortunately I don't have a fixed IP address. As soon as the IP
> address changes, the app does not reconnect. (Happens once a week)
>
> Is it possible to integrate a function into the app, that pings through
> the tunnel so that you can perform a keep-alive check and reconnect the
> tunnel completely after a failure (including DNS request)?
>
> Is it conceivable, to implement a DNS-check function in the app? (E.g.
> like the existing example DNS check script for Linux works?)
>
> Then the app would have the same functionality as my previous IP-Sec
> client. This would also allow better coverage of failover IP scenarios.
>
>
> Best Regards
>
> Fabian
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>

[-- Attachment #1.2: Type: text/html, Size: 2344 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Optional DNS-Check or Ping-test for the Android App

[Fabian Schwamborn]

[-- Attachment #1.1: Type: text/plain, Size: 2730 bytes --]

I think you misunderstood me. Most broadband providers don't offer fixed 
IPv4. Due to privacy considerations, even under IPv6 on normal 
connections, addresses will always change. (prefix) As soon as an 
address changes and my dynamic DNS system registers it, an IPsec or 
OpenVPN client on my phone can reconnect. (This happens once a week).
The Wireguard app simply lacks a monitor to see if the IP address has 
changed. Therefore a ttl in the DNS was introduced .... (After a 
registered loss of the connection - also shown in the log - no DNS 
request is executed and the tunnel breaks down permanently.)

I think these are the most common scenarios with OpenWRT routers ...

Having a DNS entry does not mean that it always points to a static ip, 
so when a tunnel disconnects, the Android-app itself (userspace) should 
handle this like many other existing VPN-Clients do by a re-query of the 
DNS entry...

My question is, is there any opinion on such an implementation? Should i 
try to implement it into the android app and provide the code? 
(Unfortunately i am not a good android app-developer)


Am 16.01.2019 um 21:57 schrieb David Cowden:
> You need to setup dns for your home site then use that to connect. Or 
> you need to synchronize the endpoint out of band. I can't imagine this 
> is something wg wants to tackle--this is a general problem all 
> software encounters.
>
> On Tue, Jan 15, 2019 at 10:52 PM Fabian Schwamborn 
> <fabian@familie-schwamborn.com <mailto:fabian@familie-schwamborn.com>> 
> wrote:
>
>     Hello,
>
>     I have a suggestion for improving the Android app or would like to
>     ask if such a change would be desirable in general (e.g. pull
>     request):
>
>     I'm using Wireguard as a connection between my home router and my
>     mobile phone, but unfortunately I don't have a fixed IP address.
>     As soon as the IP address changes, the app does not reconnect.
>     (Happens once a week)
>
>     Is it possible to integrate a function into the app, that pings
>     through the tunnel so that you can perform a keep-alive check and
>     reconnect the tunnel completely after a failure (including DNS
>     request)?
>
>     Is it conceivable, to implement a DNS-check function in the app?
>     (E.g. like the existing example DNS check script for Linux works?)
>
>     Then the app would have the same functionality as my previous
>     IP-Sec client. This would also allow better coverage of failover
>     IP scenarios.
>
>
>     Best Regards
>
>     Fabian
>
>     _______________________________________________
>     WireGuard mailing list
>     WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
>     https://lists.zx2c4.com/mailman/listinfo/wireguard
>


[-- Attachment #1.2: Type: text/html, Size: 4450 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Optional DNS-Check or Ping-test for the Android App

[David Cowden]

[-- Attachment #1.1: Type: text/plain, Size: 2887 bytes --]

On Wed, Jan 16, 2019 at 1:29 PM Fabian Schwamborn <
fabian@familie-schwamborn.com> wrote:

> I think you misunderstood me. Most broadband providers don't offer fixed
> IPv4. Due to privacy considerations, even under IPv6 on normal connections,
> addresses will always change. (prefix) As soon as an address changes and my
> dynamic DNS system registers it, an IPsec or OpenVPN client on my phone can
> reconnect. (This happens once a week).
> The Wireguard app simply lacks a monitor to see if the IP address has
> changed. Therefore a ttl in the DNS was introduced .... (After a registered
> loss of the connection - also shown in the log - no DNS request is executed
> and the tunnel breaks down permanently.)
>
> I think the
>
Yes, I thought you were asking for what you already have setup. My
apologies.


> se are the most common scenarios with OpenWRT routers ...
>
> Having a DNS entry does not mean that it always points to a static ip, so
> when a tunnel disconnects, the Android-app itself (userspace) should handle
> this like many other existing VPN-Clients do by a re-query of the DNS
> entry...
>
> My question is, is there any opinion on such an implementation? Should i
> try to implement it into the android app and provide the code?
> (Unfortunately i am not a good android app-developer)
>
This sounds like something the wg-go userspace should support, not the
android or ios app ui.

>
> Am 16.01.2019 um 21:57 schrieb David Cowden:
>
> You need to setup dns for your home site then use that to connect. Or you
> need to synchronize the endpoint out of band. I can't imagine this is
> something wg wants to tackle--this is a general problem all software
> encounters.
>
> On Tue, Jan 15, 2019 at 10:52 PM Fabian Schwamborn <
> fabian@familie-schwamborn.com> wrote:
>
>> Hello,
>>
>>
>>
>> I have a suggestion for improving the Android app or would like to ask if
>> such a change would be desirable in general (e.g. pull request):
>>
>> I'm using Wireguard as a connection between my home router and my mobile
>> phone, but unfortunately I don't have a fixed IP address. As soon as the IP
>> address changes, the app does not reconnect. (Happens once a week)
>>
>> Is it possible to integrate a function into the app, that pings through
>> the tunnel so that you can perform a keep-alive check and reconnect the
>> tunnel completely after a failure (including DNS request)?
>>
>> Is it conceivable, to implement a DNS-check function in the app? (E.g.
>> like the existing example DNS check script for Linux works?)
>>
>> Then the app would have the same functionality as my previous IP-Sec
>> client. This would also allow better coverage of failover IP scenarios.
>>
>>
>> Best Regards
>>
>> Fabian
>> _______________________________________________
>> WireGuard mailing list
>> WireGuard@lists.zx2c4.com
>> https://lists.zx2c4.com/mailman/listinfo/wireguard
>>
>
>

[-- Attachment #1.2: Type: text/html, Size: 5196 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Optional DNS-Check or Ping-test for the Android App

[Fabian Schwamborn]

[-- Attachment #1.1: Type: text/plain, Size: 4125 bytes --]


Am 16.01.2019 um 23:06 schrieb David Cowden:
>
>
> On Wed, Jan 16, 2019 at 1:29 PM Fabian Schwamborn 
> <fabian@familie-schwamborn.com <mailto:fabian@familie-schwamborn.com>> 
> wrote:
>
>     I think you misunderstood me. Most broadband providers don't offer
>     fixed IPv4. Due to privacy considerations, even under IPv6 on
>     normal connections, addresses will always change. (prefix) As soon
>     as an address changes and my dynamic DNS system registers it, an
>     IPsec or OpenVPN client on my phone can reconnect. (This happens
>     once a week).
>     The Wireguard app simply lacks a monitor to see if the IP address
>     has changed. Therefore a ttl in the DNS was introduced .... (After
>     a registered loss of the connection - also shown in the log - no
>     DNS request is executed and the tunnel breaks down permanently.)
>
>     I think the
>
> Yes, I thought you were asking for what you already have setup. My 
> apologies.
>
>     se are the most common scenarios with OpenWRT routers ...
>
>     Having a DNS entry does not mean that it always points to a static
>     ip, so when a tunnel disconnects, the Android-app itself
>     (userspace) should handle this like many other existing
>     VPN-Clients do by a re-query of the DNS entry...
>
>     My question is, is there any opinion on such an implementation?
>     Should i try to implement it into the android app and provide the
>     code? (Unfortunately i am not a good android app-developer)
>
> This sounds like something the wg-go userspace should support, not the 
> android or ios app ui.

The wg-go userspace application is just the interface to the kernel 
module (or an userspace program, that emulates the kernel module)

The Linux-Kernel is not able to resolve any DNS because it could only 
handle IP-Adresses. I don't think that it would be a good idea to write 
a dns-resolver for a kernel module.

 From my point of view, each connected endpoint has to be monitored 
periodically by a userspace program (in this case java or an additional 
go-module). In case of a tunnel malfunktion OR based on a timer the 
Hostname has to be re-resolved.

Therefore my current question: Are custom code contributions welcome in 
this respect?

I am currently thinking about adding a timer-supported tunnel monitoring 
to the app.


>
>     Am 16.01.2019 um 21:57 schrieb David Cowden:
>>     You need to setup dns for your home site then use that to
>>     connect. Or you need to synchronize the endpoint out of band. I
>>     can't imagine this is something wg wants to tackle--this is a
>>     general problem all software encounters.
>>
>>     On Tue, Jan 15, 2019 at 10:52 PM Fabian Schwamborn
>>     <fabian@familie-schwamborn.com
>>     <mailto:fabian@familie-schwamborn.com>> wrote:
>>
>>         Hello,
>>
>>         I have a suggestion for improving the Android app or would
>>         like to ask if such a change would be desirable in general
>>         (e.g. pull request):
>>
>>         I'm using Wireguard as a connection between my home router
>>         and my mobile phone, but unfortunately I don't have a fixed
>>         IP address. As soon as the IP address changes, the app does
>>         not reconnect. (Happens once a week)
>>
>>         Is it possible to integrate a function into the app, that
>>         pings through the tunnel so that you can perform a keep-alive
>>         check and reconnect the tunnel completely after a failure
>>         (including DNS request)?
>>
>>         Is it conceivable, to implement a DNS-check function in the
>>         app? (E.g. like the existing example DNS check script for
>>         Linux works?)
>>
>>         Then the app would have the same functionality as my previous
>>         IP-Sec client. This would also allow better coverage of
>>         failover IP scenarios.
>>
>>
>>         Best Regards
>>
>>         Fabian
>>
>>         _______________________________________________
>>         WireGuard mailing list
>>         WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
>>         https://lists.zx2c4.com/mailman/listinfo/wireguard
>>
>

[-- Attachment #1.2: Type: text/html, Size: 8299 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard