Improve WireGuard handshake success rate

Only the controller peer sends WireGuard
handshake requests
Zoltán Papp 2024-12-20 12:10:39 +01:00
parent 039a985f41
commit e9b3b6210d


@ -531,11 +531,18 @@ func (conn *Conn) listenGuardEvent(ctx context.Context) {
} }
func (conn *Conn) configureWGEndpoint(addr *net.UDPAddr) error { func (conn *Conn) configureWGEndpoint(addr *net.UDPAddr) error {
var endpoint *net.UDPAddr
// Force to only one side send handshake request to avoid the handshake congestion in WireGuard connection.
// Configure up the WireGuard endpoint only on the initiator side.
if isWireGuardInitiator(conn.config) {
endpoint = addr
}
return conn.config.WgConfig.WgInterface.UpdatePeer( return conn.config.WgConfig.WgInterface.UpdatePeer(
conn.config.WgConfig.RemoteKey, conn.config.WgConfig.RemoteKey,
conn.config.WgConfig.AllowedIps, conn.config.WgConfig.AllowedIps,
defaultWgKeepAlive, defaultWgKeepAlive,
addr, endpoint,
conn.config.WgConfig.PreSharedKey, conn.config.WgConfig.PreSharedKey,
) )
} }
@ -761,6 +768,11 @@ func isController(config ConnConfig) bool {
return config.LocalKey > config.Key return config.LocalKey > config.Key
} }
// isWireGuardInitiator returns true if the local peer is the initiator of the WireGuard connection
func isWireGuardInitiator(config ConnConfig) bool {
return isController(config)
}
func isRosenpassEnabled(remoteRosenpassPubKey []byte) bool { func isRosenpassEnabled(remoteRosenpassPubKey []byte) bool {
return remoteRosenpassPubKey != nil return remoteRosenpassPubKey != nil
} }
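Review bot: On the non-initiator side `endpoint` stays nil and is handed to `UpdatePeer` in configureWGEndpoint, but nothing in the new code says what a nil endpoint means to that call. `UpdatePeer` is not visible in this diff; if it leaves an already-configured endpoint untouched rather than clearing it, a responder that reconnects would keep a stale address and could still send its own handshake initiations, which is the situation this change is meant to avoid. It would help to confirm that behaviour and record it next to the declaration, e.g. `// nil on the responder: the remote address is learned from the initiator's first authenticated handshake`. The responder is still configured with `defaultWgKeepAlive`, so it is also worth noting in the comment that it has no fallback path if the controller's initiations never arrive.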