From patchwork Tue Sep 17 02:44:47 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Lev Stipakov X-Patchwork-Id: 824 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id 4DleMojVgF16bQAAIUCqbw for ; Tue, 17 Sep 2019 08:46:00 -0400 Received: from proxy4.mail.iad3b.rsapps.net ([172.31.255.6]) by director10.mail.ord1d.rsapps.net with LMTP id oMhTL4jVgF1TJgAApN4f7A ; Tue, 17 Sep 2019 08:46:00 -0400 Received: from smtp16.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy4.mail.iad3b.rsapps.net with LMTP id 2NyGKIjVgF3zaQAA9crAow ; Tue, 17 Sep 2019 08:46:00 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp16.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: 1a23551e-d949-11e9-ac06-5254004ed364-1-1 Received: from [216.105.38.7] ([216.105.38.7:43244] helo=lists.sourceforge.net) by smtp16.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id B0/E6-01658-985D08D5; Tue, 17 Sep 2019 08:46:01 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1iACrD-0007R0-BM; Tue, 17 Sep 2019 12:45:23 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1iACrC-0007Qb-3u for openvpn-devel@lists.sourceforge.net; Tue, 17 Sep 2019 12:45:22 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version :Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=rTV8bDq6O8bc2mnTu34o0mmWBkIZwrIQwhCSaYMJM4w=; b=Gp1ctM91SptJR92W5xAmIML4sT w2zVhI3u17lo/e+z+OHNNm2iQjw51ULMSEWeEqxh0vEqZJyK1o/dM6jZYw0sFW4357zcyTnq1uLzC zP8I7zE8SESPtJd0FZZjDAflO68l/3FWZDpl5WTHQR12xByTyzC1pfWMVeOn/oaZnDoE=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-Id:Date: Subject:To:From:Sender:Reply-To:Cc:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=rTV8bDq6O8bc2mnTu34o0mmWBkIZwrIQwhCSaYMJM4w=; b=J 54swy7+I95raLewGkfp8npjniMpdgZucPKt3708ft0t07aLQ2P4muWdhLskDlxEkM1xOHveU8OnOn Fwn+o2k3fFI/iVl7aBbEkb8ewcTjacEZ/iUxdRrSvMijkersUjzKRqbSG87xKoacdsKwuAthLq4o7 DRd3Q9/rnkOC+t5c=; Received: from mail-ed1-f47.google.com ([209.85.208.47]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.90_1) id 1iACr7-001Fcq-Pm for openvpn-devel@lists.sourceforge.net; Tue, 17 Sep 2019 12:45:21 +0000 Received: by mail-ed1-f47.google.com with SMTP id y91so3179336ede.9 for ; Tue, 17 Sep 2019 05:45:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=rTV8bDq6O8bc2mnTu34o0mmWBkIZwrIQwhCSaYMJM4w=; b=rj8J15G8xbFDN1EeerEAacRGR0NIeU4WsxWHoRXIOl69APP9pNfTbbO79FpoapNRXA fJnLymnlYzD//na/98tcIbK3ryMdl91IwLiIG83WXCiNwrVaXjza74T2Pu7ETsOFV+Pn Vte3Z/IL2HdeKAIZhdW2uKbRzou4kxILvvYKSloF7FHU+i2ZqhdC61CW1A8rfOWKY6Ws 4UY41Uo6LWgT9USQdMram2/eN4E0gNcJFzaFVyfE1/Mly34nPMSntpU6m5361foQyUwG LiNmXUKn9/6LuAcRPqTZ9XMNWQ2WIszwWeWvO4lZBDWRnwTsTi34qJ2EKOThMR7/TE0o avPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=rTV8bDq6O8bc2mnTu34o0mmWBkIZwrIQwhCSaYMJM4w=; b=rEWepRHK6mzxHulDesRhTK1p6Ejy64eBhlIW8bfAfC7iKHsgfwb25Hh3WRf8bSRAua /AJhrrSancs95kHsAVTEfpyLMeos3rjfRWaFBRZxMSStiDwqFIDXfrVRcX5xaUABiAfo nbtCRnz+b+zoEaWYOmlzxvqoAux9FUzym9TlX9rSPA3YB7KVzsWQZM9Cu80Rv0RwN11+ agImehcN04EYxfyduXex4p8Oz6pLSdsBIfEJTS2g47v1rmJSrRvGU8/A5HdL506e8m5j q41mZw1rdElFlmwxchYhpsdsIHxWma4ICJl8XatSNvCBtWbuYbxr9gIc9MZu/SoYJrjn MGAw== X-Gm-Message-State: APjAAAUtNNrqVMVsZb6r36eykbKrWoF1PkQUM3RIHl3caWF1ZljFKA/q AjT3wIbyv1nPR/kg1hgWJCsfWnam11Yk3A== X-Google-Smtp-Source: APXvYqzXCCHjyecwtq0zM2Yc7sgE/cOee+WoGUSk1z6pxKj519gbC+WIVTI40HH9mIJDQMMoRTfITg== X-Received: by 2002:a05:6402:121a:: with SMTP id c26mr2984575edw.100.1568724310757; Tue, 17 Sep 2019 05:45:10 -0700 (PDT) Received: from stipakov.fi (stipakov.fi. [128.199.52.117]) by smtp.gmail.com with ESMTPSA id j8sm326585edy.44.2019.09.17.05.45.09 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 17 Sep 2019 05:45:09 -0700 (PDT) From: Lev Stipakov To: openvpn-devel@lists.sourceforge.net Date: Tue, 17 Sep 2019 15:44:47 +0300 Message-Id: <1568724293-5069-1-git-send-email-lstipakov@gmail.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (lstipakov[at]gmail.com) -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.208.47 listed in wl.mailspike.net] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.208.47 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1iACr7-001Fcq-Pm Subject: [Openvpn-devel] [PATCH 1/7] Visual Studio: upgrade project files to VS2019 X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Lev Stipakov This set of patches adds support of wintun kernel driver (https://www.wintun.net) to OpenVPN. While wintun is in beta, it performs significantly faster comparison to tap-windows6. Here are some performance numbers (download bandwidth): Server - community openvpn2 mingw, tap-windows6 - 340Mbit/s mingw, wintun - 675Mbit/s VS2019, tap-windows6 - 425Mbit/s VS2019, wintun - 750Mbit/s Server - propietary openvpn3 with kernel acceleration (in development) mingw, tap-windows6 - 360Mbit/s mingw, wintun - 840Mbit/s VS2019, tap-windows6 - 430Mbit/s VS2019, wintun - 1,14Gbit/s And for the reference openvpn3 test client, VS2019, wintun - 1,71Gbit/s Some observations from those numbers: * wintun performs more than twice faster comparison to tap-windows6 agains community server (750Mbit/s vs 340Mbit/s) * Visual Studio provides noticeable performance boost (up to 25%) * we should build Windows clients with VS, not with mingw * There's room for improvement in openvpn2, since under best conditions openvpn3 performs 50% faster Steps to try out new client: * Install Wintun driver * since driver is not signed, you need to enable test mode to install unsigned driver * run in administrative command prompt: bcdedit /set testsigning on * restart * download and unpack https://staging.openvpn.net/openvpn2/wintun-0.6-unsigned.zip to C:\Temp\wintun (for example) * if you have OpenVPN GUI client installed, run under administrative command prompt: c:\Program Files\TAP-Windows\bin>tapinstall.exe install c:\Temp\wintun\wintun.inf wintun * alternatively you can install driver via windows device manager -> action ->add legacy hardware -> install manually -> point to wintun.inf in C:\Temp\wintun * Install openvpn client with wintun support * download and unpack https://staging.openvpn.net/openvpn2/openvpn2-wintun-support.zip to C:\Temp\openvpn (for example) * if you use OpenVPN GUI, copy all files from C:\Temp\openvpn to C:\Program Files\OpenVPN\bin. Don't forget to stop OpenVPN Interactive Service before copying and start it back afterwards (net stop/start OpenVPNServiceInteractive in admin command prompt) * Connect to VPN from command line * run from administrative command prompt c:\Temp\openvpn>openvpn.exe --config client.ovpn --windows-driver wintun * you should see something around these lines in log Tue Sep 17 15:09:58 2019 us=296000 interactive service msg_channel=0 Tue Sep 17 15:09:58 2019 us=312000 open_tun Tue Sep 17 15:09:58 2019 us=312000 Wintun device [Lähiverkkoyhteys] opened: \\?\ROOT#NET#0004#{cac88484-7515-4c03-82e6-71a87abac361} Tue Sep 17 15:09:58 2019 us=312000 do_ifconfig, ipv4=1, ipv6=0 Tue Sep 17 15:09:59 2019 us=312000 NETSH: C:\Windows\system32\netsh.exe interface ip set address Lähiverkkoyhteys static 10.8.0.2 255.255.255.0 Tue Sep 17 15:10:00 2019 us=406000 NETSH: C:\Windows\system32\netsh.exe interface ip delete dns Lähiverkkoyhteys all Tue Sep 17 15:10:01 2019 us=484000 NETSH: C:\Windows\system32\netsh.exe interface ip set dns Lähiverkkoyhteys static 10.8.0.1 Tue Sep 17 15:10:14 2019 us=578000 NETSH: C:\Windows\system32\netsh.exe interface ip delete wins Lähiverkkoyhteys all Tue Sep 17 15:10:19 2019 us=296000 TEST ROUTES: 0/0 succeeded len=0 ret=1 a=0 u/d=up Tue Sep 17 15:10:19 2019 us=296000 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Tue Sep 17 15:10:19 2019 us=296000 Initialization Sequence Completed * congratulations! * Connect to VPN from OpenVPN GUI * right click on tray icon -> profile name -> Edit Config * add "windows-driver wintun" to profile, save and close * right click on tray icon -> profile name -> Connect * you should see something around these lines in log Tue Sep 17 15:15:46 2019 interactive service msg_channel=676 Tue Sep 17 15:15:46 2019 open_tun Tue Sep 17 15:15:46 2019 Wintun device [Lähiverkkoyhteys] opened: \\?\ROOT#NET#0004#{cac88484-7515-4c03-82e6-71a87abac361} Tue Sep 17 15:15:46 2019 Ring buffers registered via service Tue Sep 17 15:15:46 2019 do_ifconfig, ipv4=1, ipv6=0 Tue Sep 17 15:15:46 2019 MANAGEMENT: >STATE:1568722546,ASSIGN_IP,,10.8.0.2,,,, Tue Sep 17 15:15:46 2019 Setting IPv4 dns servers on 'Lähiverkkoyhteys' (if_index = 3) using service Tue Sep 17 15:15:46 2019 IPv4 dns servers set using service Tue Sep 17 15:15:51 2019 TEST ROUTES: 0/0 succeeded len=0 ret=1 a=0 u/d=up Tue Sep 17 15:15:51 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Tue Sep 17 15:15:51 2019 Initialization Sequence Completed * congratulations! Signed-off-by: Lev Stipakov --- src/compat/compat.vcxproj | 12 ++++++------ src/openvpn/openvpn.vcxproj | 12 ++++++------ src/openvpnmsica/openvpnmsica.vcxproj | 14 +++++++------- src/openvpnserv/openvpnserv.vcxproj | 12 ++++++------ src/tapctl/tapctl.vcxproj | 14 +++++++------- 5 files changed, 32 insertions(+), 32 deletions(-) diff --git a/src/compat/compat.vcxproj b/src/compat/compat.vcxproj index 111dacd..e388008 100644 --- a/src/compat/compat.vcxproj +++ b/src/compat/compat.vcxproj @@ -22,30 +22,30 @@ {4B2E2719-E661-45D7-9203-F6F456B22F19} compat Win32Proj - 10.0.17134.0 + 10.0 StaticLibrary MultiByte true - v141 + v142 StaticLibrary MultiByte true - v141 + v142 StaticLibrary MultiByte - v141 + v142 StaticLibrary MultiByte - v141 + v142 @@ -115,4 +115,4 @@ - + \ No newline at end of file diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj index 92d7e32..3422b64 100644 --- a/src/openvpn/openvpn.vcxproj +++ b/src/openvpn/openvpn.vcxproj @@ -22,30 +22,30 @@ {29DF226E-4D4E-440F-ADAF-5829CFD4CA94} openvpn Win32Proj - 10.0.17134.0 + 10.0 Application true Unicode - v141 + v142 Application true Unicode - v141 + v142 Application Unicode - v141 + v142 Application Unicode - v141 + v142 @@ -299,4 +299,4 @@ - + \ No newline at end of file diff --git a/src/openvpnmsica/openvpnmsica.vcxproj b/src/openvpnmsica/openvpnmsica.vcxproj index 5f1d699..afa4fae 100644 --- a/src/openvpnmsica/openvpnmsica.vcxproj +++ b/src/openvpnmsica/openvpnmsica.vcxproj @@ -31,32 +31,32 @@ {D41AA9D6-B818-476E-992E-0E16EB86BEE2} Win32Proj openvpnmsica - 10.0.17134.0 + 10.0 DynamicLibrary true - v141 + v142 Unicode true DynamicLibrary true - v141 + v142 Unicode DynamicLibrary true - v141 + v142 Unicode DynamicLibrary false - v141 + v142 true Unicode true @@ -64,14 +64,14 @@ DynamicLibrary false - v141 + v142 true Unicode DynamicLibrary false - v141 + v142 true Unicode diff --git a/src/openvpnserv/openvpnserv.vcxproj b/src/openvpnserv/openvpnserv.vcxproj index 7407757..7061b7b 100644 --- a/src/openvpnserv/openvpnserv.vcxproj +++ b/src/openvpnserv/openvpnserv.vcxproj @@ -22,30 +22,30 @@ {9C91EE0B-817D-420A-A1E6-15A5A9D98BAD} openvpnserv Win32Proj - 10.0.17134.0 + 10.0 Application Unicode true - v141 + v142 Application Unicode true - v141 + v142 Application Unicode - v141 + v142 Application Unicode - v141 + v142 @@ -139,4 +139,4 @@ - + \ No newline at end of file diff --git a/src/tapctl/tapctl.vcxproj b/src/tapctl/tapctl.vcxproj index 5c1983b..1d593fc 100644 --- a/src/tapctl/tapctl.vcxproj +++ b/src/tapctl/tapctl.vcxproj @@ -31,32 +31,32 @@ {A06436E7-D576-490D-8BA0-0751D920334A} Win32Proj tapctl - 10.0.17134.0 + 10.0 Application true - v141 + v142 Unicode true Application true - v141 + v142 Unicode Application true - v141 + v142 Unicode Application false - v141 + v142 true Unicode true @@ -64,14 +64,14 @@ Application false - v141 + v142 true Unicode Application false - v141 + v142 true Unicode