firezone
connlib: tracking issue for battery & bandwidth optimisations
Connlib utilises ICE, STUN & TURN to reliably establish a connection between client and gateway. This is achieved by creating candidates from local socket addresses and remote-allocated relay addresses and testing the connectivity between them.
The best[^1] candidate pair wins and we establish a WG tunnel for that socket pair. Unfortunately, the redundancy of candidate pairs causes background traffic that is especially problematic on mobile devices.
This issue aims to track a list of optimisations that we can implement whilst staying compliant with ICE that reduces this problem. Deviating from ICE is deliberately out of scope in order to not impact reliablity. A deeper integration with str0m (the ICE agent) and boringtun (the WG library) may yield further improvements in the future.
### Optimisations (in order of expected impact)
- [ ] https://github.com/firezone/firezone/pull/5576
- [ ] Detect our NAT status via our relays and don't send relay candidates if we are behind a destination-independent NAT (which will allow hole-punching)
- [ ] Don't use every relay for every connection
[^1]: As per ICE spec.
### Related issues
- [ ] https://github.com/firezone/firezone/issues/4060
@jamilbk Do we want some of these optimisations in the 1.1.0 client release?
Closing idle connections will be the biggest needle mover -- is that fairly simple to implement? I wouldn't want to introduce new bugs at this point.
Closing idle connections will be the biggest needle mover -- is that fairly simple to implement? I wouldn't want to introduce new bugs at this point.
I'll attempt it tomorrow in a time-box!
With single relay per connection and the low power mode, I think we can consider this done!