How to test the QUIC http3 UDP transport? #56
-
|
I found the doc on website still using ws wss, anything I need to change it in Gateway? thanks |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 18 replies
-
|
The gateway still uses WS/WSS; the QUIC connections are used only for peer-to-peer (P2P) connections at this time. Therefore, you need to have the same configuration. |
Beta Was this translation helpful? Give feedback.
-
|
Another question: for WS/WSS can it tunnel UDP traffic? thanks |
Beta Was this translation helpful? Give feedback.
-
It is part of the future plans
Yes, it can. just use |
Beta Was this translation helpful? Give feedback.
-
|
I check all the --help can't find the -u option, could you give the command line examples? |
Beta Was this translation helpful? Give feedback.
-
|
When using the proxy mode, it automatically detects and transfers UDP packets using the SOCKS5 protocol. For the connect or forward modes, you can use the narrowlink f -h
narrowlink c -hhttps://github.com/narrowlink/narrowlink/blob/main/client/forward.help.arg#L18 narrowlink f -un <agent name> <remote_addr:remote_port>https://github.com/narrowlink/narrowlink/blob/main/client/connect.help.arg#L17 narrowlink c -un <agent name> <remote_addr:remote_port>Options: If you are looking for a method to capture system-wide network traffic without using a proxy, I am currently working on it: #55 |
Beta Was this translation helpful? Give feedback.
-
|
great, but I have trouble to generate the token-generator.yaml I edit the sample one in token-generator code, but still get this: |
Beta Was this translation helpful? Give feedback.
-
It seems that you forgot to mention IP address the port. secret: [118,101,72,65,78,82,69,78] # The secret for signing tokens, It must be the same as the gateway token secret, it is as byte array
tokens: # list of tokens
- !Client # client token
uid: 1a3248b2-d78e-415b-abbc-4aa781afae65 # client uid, please use a unique uid for each user
name: client01 # client name, please use a unique name for each client
exp: 1710227806 # expiration time in seconds since epoch
policies: [1] # list of policy ids, it must be the same as the policy id in the client policy token, all the policies must be satisfied
- !ClientPolicy # client policy token
uid: 1a3248b2-d78e-415b-abbc-4aa781afae65
name: client01 # client name, please use a unique name for each client
exp: 1710227806 # expiration time in seconds since epoch
pid: 1 # policy id, it must be the same as the policy id in the client token
policy: # policies for this client
type: !BlackList # !WhiteList or !BlackList
policies: # list of policies
- !Ip # policy based on the destination ip address
- !Any # !Any means any agent, !Agent agent_name means the agent with the name agent_name
- 0.0.0.0/0 # destination domain name
- 443 # destination port
- UDP # protocolThe policy token is optional, so you can create something like: secret: [118,101,72,65,78,82,69,78] # The secret for signing tokens, It must be the same as the gateway token secret, it is as byte array
tokens: # list of tokens
- !Client # client token
uid: 1a3248b2-d78e-415b-abbc-4aa781afae65 # client uid, please use a unique uid for each user
name: client01 # client name, please use a unique name for each client
exp: 1710227806 # expiration time in seconds since epoch
# policies: [] # list of policy ids, it must be the same as the policy id in the client policy token, all the policies must be satisfied |
Beta Was this translation helpful? Give feedback.
-
|
@SajjadPourali I want to try QUIC impl now, did you merged to Main branch? :-) |
Beta Was this translation helpful? Give feedback.
-
|
Also lwIP version you are using in https://github.com/SajjadPourali/netstack-lwip |
Beta Was this translation helpful? Give feedback.
-
|
Yes, it is available in the main branch. Feel free to try. Please note that some of the commands have changed, so make sure to check the args help before executing your commands |
Beta Was this translation helpful? Give feedback.
-
|
yaml config files format changed or not? thanks |
Beta Was this translation helpful? Give feedback.
-
|
I suggest you to update the config as well. |
Beta Was this translation helpful? Give feedback.
-
You don't need to take any action for lwip as it's included in the source code out of the box. However, lwip is not well fit for narrowlink, and I am working on creating a pure Rust TCP/IP stack to replace lwip. It is almost done; I have some troubles with rescheduling packet losses, which will be addressed soon. |
Beta Was this translation helpful? Give feedback.
-
|
Great :-) smolTCP depends on too much also thru-put looks like not very well. ok, wait you. |
Beta Was this translation helpful? Give feedback.
When using the proxy mode, it automatically detects and transfers UDP packets using the SOCKS5 protocol. For the connect or forward modes, you can use the
-uoption.https://github.com/narrowlink/narrowlink/blob/main/client/forward.help.arg#L18
https://github.com/narrowlink/narrowlink/blob/main/client/connect.help.arg#L17
Options:
-u: UDP mode-n: Agent name-un: UDP mode + Agent nameIf you are looking for a method to capture system-wide network traffic without using a proxy, I am currently working on it: #55