netbird icon indicating copy to clipboard operation
netbird copied to clipboard

Published 20 hours ago verified publisher icon netbirdio

Whether to support TCPOnly when udp is restricted by the carrier.

Open NerdvanaExplorer opened this issue 3 years ago • 4 comments

Whether to support TCPOnly when udp is restricted by the carrier.

NerdvanaExplorer avatar Aug 04 '22 09:08 NerdvanaExplorer

it is possible to support TCP only for connections that require Relay (the case you described), we might need to adjust a bit the agent

mlsmaycon avatar Aug 06 '22 13:08 mlsmaycon

@mlsmaycon

Please add it. It would be good a method that work similar way with DERP server. It is the only relay server that work every place that i test it! (i think the reason is the TLS/HTTPS working method)

vampywiz17 avatar Aug 10 '22 12:08 vampywiz17

@mlsmaycon

udp does not pass to change tcp, and so udp can be used and change back to udp, direct connection can not go to the relay, and so the hole is successful and change back to the direct connection. Keep detecting fallback.

NerdvanaExplorer avatar Aug 12 '22 07:08 NerdvanaExplorer

@iamshiyan It is out there already! We have a single TCP relay running and listening on port 443, but we will deploy more. Works with our cloud version at https://app.netbird.io/. Self-hosted is supported as well.

braginini avatar Sep 14 '22 07:09 braginini

@iamshiyan It is out there already! We have a single TCP relay running and listening on port 443, but we will deploy more. Works with our cloud version at https://app.netbird.io/. Self-hosted is supported as well.

How can this be self-hosted? I mean, I have a coturn server listening in UDP/TCP and I changed my management.json "Proto" to "TCP" in "Stun" and "Turn" sections, but this doesn't work when I block all UDP traffic with my firewall (it works, however, in unblocked UDP traffic). So, what am I doing wrong?

fernandoenzo avatar Jan 06 '23 10:01 fernandoenzo

@fernandoenzo @iamshiyan, Sorry for not getting back sooner. You can configure a TCP relay by adding a setting like the in your management.json Turn config:

        "Proto": "tcp",
        "URI": "turn:turn.example.com:3472?transport=tcp",

I will close this issue for now, please open a new one in case you want further assistance.

mlsmaycon avatar Jun 16 '23 15:06 mlsmaycon

@mlsmaycon Does netbird support tcp relay? if I set no-udp and no-udp-relay in coturn turnserver.conf, the netbird get error

netbird status -d
Relays: 
  [stun:stunserver.stunprotocol.org:3478] is Available
  [stun:stun.freeswitch.org:3478] is Available
  [turn:turn.xx.top:3478?transport=tcp] is Unavailable, reason: allocate: Allocate error response (error 442: UDP Transport is not allowed by the TURN Server configuration)

if I set no-udp, but unset no-udp-relay in coturn turnserver.conf, the netbird status no error, but It seem that netbird client use udp to connect coturn relay :

netbird status -d
Relays: 
  [stun:stunserver.stunprotocol.org:3478] is Available
  [stun:stun.freeswitch.org:3478] is Available
  [turn:turn.xx.top:3478?transport=tcp] is Available

xiaolei0125 avatar Mar 06 '24 10:03 xiaolei0125