From: Matthieu Baerts <matttbe@kernel.org>
To: Antonio Quartulli <antonio@openvpn.net>
Cc: Simon Horman <horms@kernel.org>,
netdev@vger.kernel.org, Paolo Abeni <pabeni@redhat.com>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>,
Donald Hunter <donald.hunter@gmail.com>,
Shuah Khan <shuah@kernel.org>,
sd@queasysnail.net, ryazanov.s.a@gmail.com,
Andrew Lunn <andrew@lunn.ch>,
linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org
Subject: Re: [PATCH net-next v12 11/22] ovpn: implement TCP transport
Date: Mon, 9 Dec 2024 12:31:15 +0100 [thread overview]
Message-ID: <c34748e0-44ad-4775-abd5-52034c4f5fdc@kernel.org> (raw)
In-Reply-To: <e447ef89-e7f1-4c5b-871e-d1cfaa045c6c@openvpn.net>
On 09/12/2024 11:58, Antonio Quartulli wrote:
> On 09/12/2024 11:46, Matthieu Baerts wrote:
>> Hi Antonio,
>>
>> Thank you for working on this, and sharing your work here!
>>
>> On 05/12/2024 00:09, Antonio Quartulli wrote:
>>> On 04/12/2024 23:52, Antonio Quartulli wrote:
>>>> Paolo,
>>>>
>>>> On 04/12/2024 12:15, Antonio Quartulli wrote:
>>>> [...]
>>>>>>> + mutex_lock(&tcp6_prot_mutex);
>>>>>>> + if (!ovpn_tcp6_prot.recvmsg)
>>>>>>> + ovpn_tcp_build_protos(&ovpn_tcp6_prot, &ovpn_tcp6_ops,
>>>>>>> + sock->sk->sk_prot,
>>>>>>> + sock->sk->sk_socket->ops);
>>>>>>> + mutex_unlock(&tcp6_prot_mutex);
>>>>>>
>>>>>> This looks like an hack to avoid a build dependency on IPV6, I think
>>>>>> the
>>>>>> explicit
>>>>>
>>>>> I happily copied this approach from espintcp.c:espintcp_init_sk() :-D
>>>>>
>>>>>>
>>>>>> #if IS_ENABLED(CONFIG_IPV6)
>>>>>>
>>>>>> at init time should be preferable
>>>>
>>>> To get this done at init time I need inet6_stream_ops to be
>>>> accessible, but it seems there is no EXPORT_SYMBOL() for this object.
>>>>
>>>> However, I see that mptcp/protocol.c is happily accessing it.
>>>> Any clue how this is possible?
>>>
>>> I answer myself: mptcp is not tristate and it can only be compiled as
>>> built-in.
>>
>> Indeed, that's why.
>>
>> Talking about MPTCP, by chance, do you plan to support it later on? :)
>
> Hi Matthieu,
>
> It is not on our current roadmap (TCP doesn't get much love in the VPN
> world), but I agree it could be an interesting option to explore!
I understand, it makes sense not to recommend using TCP for the
transport layer for tunnelling solutions.
> I have to admit that I haven't played much with MPTCP myself yet, but I
> am more than happy to talk about potential advantages for the ovpn use
> case.
Some people told me they were interested in using OpenVPN with MPTCP to
use multiple (low-capacity) network links at the same time. I think
intercepting and proxying TCP traffic would always be the best in terms
of performances, but using OpenVPN with MPTCP seems to be enough for
some, especially when they want to "improve" some type of UDP traffic
that cannot be intercepted: QUIC, VPN, etc.
I don't have numbers to share, but I can understand this feature can
help in some cases.
(This reminds me this: https://github.com/OpenVPN/ovpn-dco/issues/60)
(and this: https://github.com/arinc9/openvpn/pull/1)
Cheers,
Matt
--
Sponsored by the NGI0 Core fund.
next prev parent reply other threads:[~2024-12-09 11:31 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-02 15:07 [PATCH net-next v12 00/22] Introducing OpenVPN Data Channel Offload Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 01/22] net: introduce OpenVPN Data Channel Offload (ovpn) Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 02/22] ovpn: add basic netlink support Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 03/22] ovpn: add basic interface creation/destruction/management routines Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 04/22] ovpn: keep carrier always on for MP interfaces Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 05/22] ovpn: introduce the ovpn_peer object Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 06/22] ovpn: introduce the ovpn_socket object Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 07/22] ovpn: implement basic TX path (UDP) Antonio Quartulli
2024-12-03 14:55 ` Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 08/22] ovpn: implement basic RX " Antonio Quartulli
2024-12-03 14:34 ` Paolo Abeni
2024-12-03 14:38 ` Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 09/22] ovpn: implement packet processing Antonio Quartulli
2024-12-03 14:58 ` Paolo Abeni
2024-12-03 15:04 ` Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 10/22] ovpn: store tunnel and transport statistics Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 11/22] ovpn: implement TCP transport Antonio Quartulli
2024-12-03 15:19 ` Paolo Abeni
2024-12-04 11:15 ` Antonio Quartulli
2024-12-04 21:37 ` Antonio Quartulli
2024-12-04 22:52 ` Antonio Quartulli
2024-12-04 23:09 ` Antonio Quartulli
2024-12-09 10:46 ` Matthieu Baerts
2024-12-09 10:58 ` Antonio Quartulli
2024-12-09 11:31 ` Matthieu Baerts [this message]
2024-12-09 14:08 ` Antonio Quartulli
2024-12-09 16:26 ` Matthieu Baerts
2024-12-02 15:07 ` [PATCH net-next v12 12/22] ovpn: implement multi-peer support Antonio Quartulli
2024-12-05 10:33 ` Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 13/22] ovpn: implement peer lookup logic Antonio Quartulli
2024-12-03 14:58 ` Antonio Quartulli
2024-12-03 16:09 ` Sabrina Dubroca
2024-12-04 8:28 ` Antonio Quartulli
2024-12-04 14:13 ` Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 14/22] ovpn: implement keepalive mechanism Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 15/22] ovpn: add support for updating local UDP endpoint Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 16/22] ovpn: add support for peer floating Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 17/22] ovpn: implement peer add/get/dump/delete via netlink Antonio Quartulli
2024-12-03 17:46 ` Paolo Abeni
2024-12-04 8:43 ` Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 18/22] ovpn: implement key add/get/del/swap " Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 19/22] ovpn: kill key and notify userspace in case of IV exhaustion Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 20/22] ovpn: notify userspace when a peer is deleted Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 21/22] ovpn: add basic ethtool support Antonio Quartulli
2024-12-02 15:07 ` [PATCH net-next v12 22/22] testing/selftests: add test tool and scripts for ovpn module Antonio Quartulli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c34748e0-44ad-4775-abd5-52034c4f5fdc@kernel.org \
--to=matttbe@kernel.org \
--cc=andrew@lunn.ch \
--cc=antonio@openvpn.net \
--cc=donald.hunter@gmail.com \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=ryazanov.s.a@gmail.com \
--cc=sd@queasysnail.net \
--cc=shuah@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox