Ask / Submit
0

[Bug] VPN reconnection to xmpp

asked 2017-06-01 23:23:58 +0300

cy8aer gravatar image

There seems to be a problem with the reconnection of an XMPP account when initializing a tunnel. Best to be seen when patching the Ultimate status bar (because you can show your xmpp status on statusbar with this patch)

  • create an xmpp connection (and check if you are online, check if you can send messages to another account)
  • start up a tunnel (e.g. openvpn) via the new vpn mimicry
  • your XMPP account might show online status
  • try to send another message

expected: ringding message arrives

actual: it is not sure if the message arrives. Sometimes it arrives on some accounts another accounts fail. This uncertainties become more frequent with instable mobile networks (sitting in a train).

edit retag flag offensive close delete

1 Answer

Sort by » oldest newest most voted
1

answered 2017-06-02 00:41:04 +0300

Pasko gravatar image

Hi.

I have a setup that switches without problems between WiFi and celular+VPN.

I use WiFi at home and the OpenVPN when I'm not at home. I also have an XMPP client in my Jolla which connects to a home server either via WiFi or via celular+VPN.

What is really important for me is to be sure that the client is configured with the "auto-connect" option set. Here's what my XMPP settings look like:


[nemo@Sailfish ~]$ mc-tool show gabble/jabber/_317_40172_2e26_2e0_2e20
     Account: gabble/jabber/_317_40172_2e26_2e0_2e20
Display Name: JollaC
  Normalized: 17@172.26.0.2
     Enabled: enabled
        Icon: im-jabber
    Connects: automatically
    Nickname: 17@172.26.0.2
     Service: jabber

Presences:
   Automatic: available (2) ""
     Current: available (2) ""
   Requested: available (2) ""
    Changing: no

        (bool) require-encryption = false
        (uint) port = 5222
      (string) password = _
      (string) server = claudia.lan
      (string) account = 17@172.26.0.2

As you can see, there's an entry called "Connects: automatically"

And this is the command I used to set this option:

[nemo@Sailfish ~]$ mc-tool auto-connect gabble/jabber/_317_40172_2e26_2e0_2e20 on

Now, whenever I switch between VPN and non-VPN the client reconnects automatically to the server.

Hope this helps.

Regards.

edit flag offensive delete publish link more

Comments

@Pasko: first of all: thank you for your information which is very helpful for debugging.

Unfortunately: Connects: automatically is set at my account.

As I understand your xmpp is a private one running on an internal server in your network and you can only reach it from "internal" - which might be through the tunnel (for me tunnel connections are internal connections too).

My xmpp server is running outside in the internet. So it is reachable from everywhere and any ip. When I start the tunnel the default route is set through the vpn interface. So every internet connectivity is redirected through the tunnel (hopefully without any interruption).

I do not know how the keepalive watchdog of the xmpp client is working (is there a ping xep?) but it would not have any interruption in reaching the the server though it's official address is changing (because it is the outgoing IP of my home network now and not my LTE provider's then). And because it is reachable the whole time the client will not re-connect probably. I do not know if the server can identify the client when it does keepalive pings and I do not know if there is some condition how the server can (as in rfc "can") react on it. I do not know if a prosody does if there is such a protocol. Probably not.

IMHO this situation must be notified from "outside" the xmpp client - connman(?) to let the client reinitiate the connection.

In case of having a private xmpp server with private addresses and you leave home you will have an unreachable disconnect (because you cannot reach your private addresses anymore) and this is detected by the xmpp client ("keepalive watchdog" detects it). With the initialization of the vpn the xmpp server is reachable again and the xmpp client can (and does!) re-connect.

In my case I cannot "see" any reconnect it is just "connected" the whole time without any short flickering.

cy8aer ( 2017-06-02 11:23:41 +0300 )edit

Hi.

I have re-read your statement of the problem and see that you are using the VPN client included in SailFishOS.

I am using the SecureFishNet app. I know it is not opensourced but works a treat for me.....

Also: How do you check connectivity between your XMPP client and the server?

Do you ping the server from the console or you just check the 'status' from the Settings->Availability app?. Whenever I use the Sailfish VPN it shows as connected but I can't reach any hosts in my LAN.... but maybe this is due to a bad setup... My understanding is that you can for instance surf the Web but your XMPP client simply refuses to work sometimes..

Regards.

Pasko ( 2017-06-03 00:27:25 +0300 )edit

I only check the connectivity between the server and the client only by status. Of course I pinged the server from the Jolla some time - also when opening the tunnel (you will lose at most one packet at the moment the routing is switching)

But the question is what mechanism the client itself uses to check it's state. Because if it is not online anymore it changes it's state.

I will now:

  • read standards (https://xmpp.org/extensions/index.html - e. g. XEP-0199)
  • sniff on the client side and server side
  • correlate the stuff with wireshark and key cracking - own machines, own keys so wireshark can look into the unencrypted traffic

Hope that I can see more.

@Pasko: Yes it is loosing connections sometimes. I had effects where I could talk to a friend and another did not get any message at the same time.

cy8aer ( 2017-06-03 14:08:06 +0300 )edit

O.K.

Good luck! :-)

Regards.

Pasko ( 2017-06-04 01:07:03 +0300 )edit
Login/Signup to Answer

Question tools

Follow
2 followers

Stats

Asked: 2017-06-01 23:23:58 +0300

Seen: 101 times

Last updated: Jun 02