From ecebd2aab844ddb806340bca93f6f8bff62a88d9 Mon Sep 17 00:00:00 2001 From: Dennis Schwerdel Date: Sun, 7 Feb 2021 19:42:23 +0100 Subject: [PATCH] Some updates --- Cargo.lock | 4 +- README.md | 4 + contrib/WSProxyCloudFormation.yaml | 81 +++++++++ contrib/example.py | 4 +- .../measurements/2021-02-06_2.1.0_perf.json | 165 ++++++++++++++++++ contrib/performance.py | 2 +- contrib/testnet.py | 4 +- 7 files changed, 257 insertions(+), 7 deletions(-) create mode 100644 contrib/WSProxyCloudFormation.yaml create mode 100644 contrib/measurements/2021-02-06_2.1.0_perf.json diff --git a/Cargo.lock b/Cargo.lock index a436d22..a8c05bb 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -847,9 +847,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.61" +version = "1.0.62" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fceb2595057b6891a4ee808f70054bd2d12f0e97f1cbb78689b59f676df325a" +checksum = "ea1c6153794552ea7cf7cf63b1231a25de00ec90db326ba6264440fa08e31486" dependencies = [ "itoa", "ryu", diff --git a/README.md b/README.md index cb573c6..64c7417 100644 --- a/README.md +++ b/README.md @@ -35,6 +35,7 @@ somewhat stable state. VpnCloud features the following functionality: * Support for different forwarding/routing behaviors (Hub, Switch, Router) * NAT and firewall traversal using hole punching * Automatic port forwarding via UPnP +* Websocket proxy mode for restrictive environments * Support for tunneled VLans (TAP devices) * Support for publishing [beacons](https://vpncloud.ddswd.de/docs/beacons) to help nodes find each others * Support for statsd monitoring @@ -61,6 +62,9 @@ contributions are very welcome: * **Linux packages**: VpnCloud is stable enough to be packaged for Linux distributions. Maintainers who want to package VpnCloud are very welcome. +* **Help with other platforms**: If you are a Rust developer with experience + on Windows or MacOS your help on porting VpnCloud to those platforms is very + welcome. * **Security review**: The security has been implemented with strong security primitives but it would be great if a cryptography expert could verify the system. diff --git a/contrib/WSProxyCloudFormation.yaml b/contrib/WSProxyCloudFormation.yaml new file mode 100644 index 0000000..a21af58 --- /dev/null +++ b/contrib/WSProxyCloudFormation.yaml @@ -0,0 +1,81 @@ +AWSTemplateFormatVersion: 2010-09-09 +Description: | + VpnCloud Websocket Proxy + This will configure a websocket proxy to be used with VpnCloud. + Versions: Ubuntu Server 20.04 LTS + VpnCloud 2.1.0 +Parameters: + LatestAmiId: + Description: "Image to use (just leave this as it is)" + Type: 'AWS::SSM::Parameter::Value' + Default: '/aws/service/canonical/ubuntu/server/20.04/stable/current/arm64/hvm/ebs-gp2/ami-id' + AllowedValues: + - '/aws/service/canonical/ubuntu/server/20.04/stable/current/arm64/hvm/ebs-gp2/ami-id' +Resources: + ProxySecurityGroup: + Type: 'AWS::EC2::SecurityGroup' + Properties: + GroupDescription: Enable HTTP access via port 80 and any UDP port + SecurityGroupIngress: + - IpProtocol: tcp + FromPort: '80' + ToPort: '80' + CidrIp: 0.0.0.0/0 + - IpProtocol: udp + FromPort: '1024' + ToPort: '65535' + CidrIp: 0.0.0.0/0 + LaunchTemplate: + Type: AWS::EC2::LaunchTemplate + DependsOn: + - ProxySecurityGroup + Properties: + LaunchTemplateData: + ImageId: !Ref LatestAmiId + SecurityGroups: + - !Ref ProxySecurityGroup + InstanceMarketOptions: + MarketType: spot + InstanceType: t4g.nano + TagSpecifications: + - ResourceType: instance + Tags: + - Key: Name + Value: VpnCloud WS Proxy + CreditSpecification: + CpuCredits: standard + BlockDeviceMappings: + - DeviceName: /dev/sda1 + Ebs: + VolumeType: standard + VolumeSize: '8' + DeleteOnTermination: 'true' + Encrypted: 'false' + UserData: + Fn::Base64: !Sub | + #cloud-config + packages: + - iperf3 + - socat + runcmd: + - wget https://github.com/dswd/vpncloud/releases/download/v2.1.0/vpncloud_2.1.0_arm64.deb -O /tmp/vpncloud.deb + - dpkg -i /tmp/vpncloud.deb + - nohup vpncloud ws-proxy -l 80 & + ProxyInstance: + Type: 'AWS::EC2::Instance' + DependsOn: + - LaunchTemplate + Properties: + LaunchTemplate: + LaunchTemplateId: + Ref: LaunchTemplate + Version: 1 +Outputs: + ProxyURL: + Description: URL to use in VpnCloud config + Value: !Join + - '' + - - 'ws://' + - !GetAtt + - ProxyInstance + - PublicDnsName + - ':80' diff --git a/contrib/example.py b/contrib/example.py index 63a0aa8..1be4286 100755 --- a/contrib/example.py +++ b/contrib/example.py @@ -6,8 +6,8 @@ import time setup = EC2Environment( region = "eu-central-1", node_count = 2, - instance_type = 't3.nano', - vpncloud_version = "1.4.0" + instance_type = 't3a.nano', + vpncloud_version = "2.1.0" ) sender = setup.nodes[0] diff --git a/contrib/measurements/2021-02-06_2.1.0_perf.json b/contrib/measurements/2021-02-06_2.1.0_perf.json new file mode 100644 index 0000000..aef9ae4 --- /dev/null +++ b/contrib/measurements/2021-02-06_2.1.0_perf.json @@ -0,0 +1,165 @@ +{ + "meta": { + "region": "eu-central-1", + "instance_type": "m5.large", + "ami": "ami-0a6dc7529cd559185", + "version": "2.1.0", + "duration": 622.053159236908 + }, + "native": { + "iperf": { + "throughput": 9672965000.0, + "cpu_sender": 11.936759, + "cpu_receiver": 70.348812 + }, + "ping_100": { + "rtt_min": 0.046, + "rtt_max": 0.246, + "rtt_avg": 0.053, + "pkt_loss": 0.0 + }, + "ping_500": { + "rtt_min": 0.048, + "rtt_max": 0.183, + "rtt_avg": 0.055, + "pkt_loss": 0.0 + }, + "ping_1000": { + "rtt_min": 0.05, + "rtt_max": 0.272, + "rtt_avg": 0.057, + "pkt_loss": 0.0 + } + }, + "plain": { + "iperf": { + "throughput": 5728527000.0, + "cpu_sender": 11.004746, + "cpu_receiver": 67.527328 + }, + "ping_100": { + "rtt_min": 0.078, + "rtt_max": 0.372, + "rtt_avg": 0.095, + "pkt_loss": 0.0 + }, + "ping_500": { + "rtt_min": 0.078, + "rtt_max": 0.272, + "rtt_avg": 0.094, + "pkt_loss": 0.0 + }, + "ping_1000": { + "rtt_min": 0.082, + "rtt_max": 0.217, + "rtt_avg": 0.096, + "pkt_loss": 0.0 + } + }, + "aes256": { + "iperf": { + "throughput": 3706944000.0, + "cpu_sender": 6.465523, + "cpu_receiver": 60.216674 + }, + "ping_100": { + "rtt_min": 0.079, + "rtt_max": 0.28, + "rtt_avg": 0.097, + "pkt_loss": 0.0 + }, + "ping_500": { + "rtt_min": 0.079, + "rtt_max": 13.372, + "rtt_avg": 0.099, + "pkt_loss": 0.0 + }, + "ping_1000": { + "rtt_min": 0.086, + "rtt_max": 0.358, + "rtt_avg": 0.102, + "pkt_loss": 0.0 + } + }, + "aes128": { + "iperf": { + "throughput": 3876646000.0, + "cpu_sender": 6.800352, + "cpu_receiver": 61.738244 + }, + "ping_100": { + "rtt_min": 0.078, + "rtt_max": 0.219, + "rtt_avg": 0.096, + "pkt_loss": 0.0 + }, + "ping_500": { + "rtt_min": 0.083, + "rtt_max": 0.232, + "rtt_avg": 0.097, + "pkt_loss": 0.0 + }, + "ping_1000": { + "rtt_min": 0.087, + "rtt_max": 0.327, + "rtt_avg": 0.099, + "pkt_loss": 0.0 + } + }, + "chacha20": { + "iperf": { + "throughput": 2917879000.0, + "cpu_sender": 5.066722, + "cpu_receiver": 55.171241 + }, + "ping_100": { + "rtt_min": 0.081, + "rtt_max": 0.283, + "rtt_avg": 0.097, + "pkt_loss": 0.0 + }, + "ping_500": { + "rtt_min": 0.087, + "rtt_max": 0.348, + "rtt_avg": 0.103, + "pkt_loss": 0.0 + }, + "ping_1000": { + "rtt_min": 0.088, + "rtt_max": 0.309, + "rtt_avg": 0.105, + "pkt_loss": 0.0 + } + }, + "results": { + "throughput_mbits": { + "native": 9672.965, + "plain": 5728.527, + "aes256": 3706.944, + "aes128": 3876.646, + "chacha20": 2917.879 + }, + "latency_us": { + "plain": { + "100": 21.0, + "500": 19.5, + "1000": 19.5 + }, + "aes256": { + "100": 22.000000000000004, + "500": 22.000000000000004, + "1000": 22.499999999999996 + }, + "aes128": { + "100": 21.5, + "500": 21.0, + "1000": 21.0 + }, + "chacha20": { + "100": 22.000000000000004, + "500": 23.999999999999996, + "1000": 23.999999999999996 + } + } + } +} \ No newline at end of file diff --git a/contrib/performance.py b/contrib/performance.py index 2da82bf..5ba95a5 100755 --- a/contrib/performance.py +++ b/contrib/performance.py @@ -8,7 +8,7 @@ from datetime import date # Note: this script will run for ~8 minutes and incur costs of about $ 0.02 FILE = "../target/release/vpncloud" -VERSION = "2.0.1" +VERSION = "2.1.0" REGION = "eu-central-1" env = EC2Environment( diff --git a/contrib/testnet.py b/contrib/testnet.py index debb418..af52448 100755 --- a/contrib/testnet.py +++ b/contrib/testnet.py @@ -5,11 +5,11 @@ import atexit, argparse, os REGION = "eu-central-1" -VERSION = "2.0.1" +VERSION = "2.1.0" parser = argparse.ArgumentParser(description='Create a test setup') -parser.add_argument('--instancetype', default='t3.nano', help='EC2 instance type') +parser.add_argument('--instancetype', default='t3a.nano', help='EC2 instance type') parser.add_argument('--version', default=VERSION, help='VpnCloud version to use') parser.add_argument('--count', '-c', dest="count", type=int, default=2, help='Number of instance to create') parser.add_argument('--cluster', action="store_true", help='Cluster instances to get reliable throughput')