WireGuard Archive on lore.kernel.org
 help / color / Atom feed
* Android: TCP connection drop when disabling WiFi
@ 2018-07-04 21:11 Stefan Agner
  2018-07-04 21:13 ` Jason A. Donenfeld
  0 siblings, 1 reply; 4+ messages in thread
From: Stefan Agner @ 2018-07-04 21:11 UTC (permalink / raw)
  To: wireguard

Hi,

I am using WireGuard for Android v0.0.20180625 with the Go userspace
backend. I am using a WiFi router with OpenWrt as Wireguard endpoint
(WAN/internet address). Wireguard tunnels all traffic through the tunnel
(Allowed IPs 0.0.0.0/0, ::/0). This works as expected: I can connect to
the Internet through the tunnel no matter whether I am locally on the
WiFi or connecting through 4G. Wireguard reconnects seamlessly.

Now what I hope is that my TCP connection stay alive when roaming from
WiFi to 4G. Since Wireguard reconnects automatically and my public IP
through the tunnel stays the same, I would expect that I can have a SSH
connection open while roaming from WiFi to 4G and back. I am using the
SSH client ConnectBot to connect to an (IPv6) server. When changing from
4G to WiFi, the connection stays alive. However, when switching off WiFi
(and hence change back to 4G) ConnectBot immediately reports "Host has
disconnected.".

It seems as if Android somehow drops all TCP connection when WiFi
connection gets lost... Is this a known behavior? Anybody else observes
the same behavior? It seems somewhat unfortunate as I would have hoped
that Wireguard lets me keep sessions open...

Also tried with a second SSH client, so it seems a common behavior. I am
using a Nexus 6P with Stock Android 8.1.0.

--
Stefan

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Android: TCP connection drop when disabling WiFi
  2018-07-04 21:11 Android: TCP connection drop when disabling WiFi Stefan Agner
@ 2018-07-04 21:13 ` Jason A. Donenfeld
  2018-07-04 22:04   ` Stefan Agner
  2018-07-04 23:14   ` Stefan Agner
  0 siblings, 2 replies; 4+ messages in thread
From: Jason A. Donenfeld @ 2018-07-04 21:13 UTC (permalink / raw)
  To: Stefan Agner; +Cc: WireGuard mailing list

Hi Stefan,

I wish this were the case too, but Android sends SOCK_DESTROY to
everything when networks change, and there isn't a lot that can be
done about it without rooting the device, as far as I can tell. If
you've got some Android chops and can think of a way we can suppress
that, I'd be very interested.

Jason

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Android: TCP connection drop when disabling WiFi
  2018-07-04 21:13 ` Jason A. Donenfeld
@ 2018-07-04 22:04   ` Stefan Agner
  2018-07-04 23:14   ` Stefan Agner
  1 sibling, 0 replies; 4+ messages in thread
From: Stefan Agner @ 2018-07-04 22:04 UTC (permalink / raw)
  To: Jason A. Donenfeld; +Cc: WireGuard mailing list

On 04.07.2018 23:13, Jason A. Donenfeld wrote:
> Hi Stefan,
> 
> I wish this were the case too, but Android sends SOCK_DESTROY to
> everything when networks change, and there isn't a lot that can be
> done about it without rooting the device, as far as I can tell. If
> you've got some Android chops and can think of a way we can suppress
> that, I'd be very interested.

Ugh, so as I expected :-(

Unfortunately, I am not very familiar with Android.

It seems that Android only kills connection when addresses get removed.
The data connection stays on in background, so that is why 4G -> WiFi
works: No addresses get removed.

Same behavior when using "Always-on VPN" or "Block connections without
VPN". It really seems a silly behavior in the light of VPNs.

With SOCK_DESTROY I pretty quickly found netd and the code which
actually causes the connection drop. It seems to me that only
connections with an address which actually gets removed get dropped
NetlinkHandler::onEvent), but maybe I don't understand the full picture.

And after some more digging I found this commit with the promising title
"Do not destroy socket when VPN interface address is still in use":
https://android.googlesource.com/platform/system/netd/+/6c00b61656da32ce3223a2fc711f5649b6b7b5ac

However, it seems to me that this is not relly applicable in the
Wireguard case...

--
Stefan

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Android: TCP connection drop when disabling WiFi
  2018-07-04 21:13 ` Jason A. Donenfeld
  2018-07-04 22:04   ` Stefan Agner
@ 2018-07-04 23:14   ` Stefan Agner
  1 sibling, 0 replies; 4+ messages in thread
From: Stefan Agner @ 2018-07-04 23:14 UTC (permalink / raw)
  To: Jason A. Donenfeld; +Cc: WireGuard mailing list

On 04.07.2018 23:13, Jason A. Donenfeld wrote:
> Hi Stefan,
> 
> I wish this were the case too, but Android sends SOCK_DESTROY to
> everything when networks change, and there isn't a lot that can be
> done about it without rooting the device, as far as I can tell. If
> you've got some Android chops and can think of a way we can suppress
> that, I'd be very interested.


Android actually logs when it destroys sockets, here an example when
using WiFi:
$ adb logcat Netd:V *:S
07-05 00:42:14.184  3912  4042 I Netd    : Destroyed 2 sockets on
192.168.1.123 in 1.3 ms

(192.168.1.123 => device IP on WiFi)

In that particular instance I had Wireguard open and 3 SSH connections
open. Interestingly, Netd only destroyed two sockets... This is
reproducible.

When closing Wireguard, quite some connections got dropped:
07-05 00:43:34.276  3912  4042 I Netd    : Destroyed 8 sockets on
2a01:123:4321::4 in 0.9 ms
07-05 00:43:34.282  3912  4042 I Netd    : Destroyed 10 sockets on
192.168.3.123 in 3.1 ms
(IPs match the ones I use for the Wireguard tunnel)

When not using Wireguard, connecting SSH and then closing WiFi, number
of destroyed sockets are quite a bit higher:
07-05 00:45:31.129  3912  4042 I Netd    : Destroyed 18 sockets on
192.168.1.123 in 1.6 ms

With that finding, I started to doubt that Android really kills all
connections. And indeed, using "Magic iPerf" an iperf3 Android App, the
issue seems not to happen!

So it really seems that ConnectBot and Termius (the second Android SSH
Client I tried) disconnect on their own discretion.

I created a ticket for ConnectBot:
https://github.com/connectbot/connectbot/issues/623

It seems to be fairly trivial to fix by just not calling
onConnectivityLost() in ConnectivityReceiver anymore, I will give this a
try another day.

So long story short: Wireguard as well as Android seem to behave nicely
when it comes to keeping TCP connections open. It seems that some
Android apps try to be smart...

Sorry for the noise!

--
Stefan

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-07-04 21:11 Android: TCP connection drop when disabling WiFi Stefan Agner
2018-07-04 21:13 ` Jason A. Donenfeld
2018-07-04 22:04   ` Stefan Agner
2018-07-04 23:14   ` Stefan Agner

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/ public-inbox