A Lightweight High-Performance VPN with Build-in Forward Error Correction Support, Improves your Network Quality on a High-latency Lossy Link, uses same lib as UDPspeeder.
tinyFecVPN的一键安装脚本的内容:
A Lightweight High-Performance VPN with Build-in Forward Error Correction Support(or A Network Improving Tool which works at VPN mode). Improves your Network Quality on a High-latency Lossy Link.
TinyFecVPN uses Forward Error Correction(Reed-Solomon code) to reduce packet loss rate, at the cost of additional bandwidth usage.
Assume your local network to your server is lossy. Just establish a VPN connection to your server with tinyFecVPN, access your server via this VPN connection, then your connection quality will be significantly improved. With well-tuned parameters , you can easily reduce IP or UDP/ICMP packet-loss-rate to less than 0.01% . Besides reducing packet-loss-rate, tinyFecVPN can also significantly improve your TCP latency and TCP single-thread download speed.
TinyFecVPN uses same lib as UDPspeeder, supports all FEC features of UDPspeeder. TinyFecVPN works at VPN mode,while UDPspeeder works at UDP tunnel mode.
简体中文(内容更丰富)
Note
UDPspeeder's repo:
Note2
You can use udp2raw with tinyFecVPN together to get better speed on some ISP with UDP QoS(UDP throttling).
udp2raw's repo:
Efficacy
Tested on a link with 100ms roundtrip and 10% packet loss at both direction. You can easily reproduce the test result by yourself.
Ping Packet Loss
SCP Copy Speed
Supported Platforms
Linux host (including desktop Linux,
Android phone/tablet, OpenWRT router, or Raspberry PI).Binaries for
amd64 x86mips_be mips_le arm are provided.
For Windows and MacOS, You can run TinyFecVPN inside this 7.5mb virtual machine image.
Need root or at least CAP_NET_ADMIN permission to run, for creating tun device.
How doest it work
TinyFecVPN uses FEC(Forward Error Correction) to reduce packet loss rate, at the cost of additional bandwidth usage. The algorithm for FEC is called Reed-Solomon.
Reed-Solomon
In coding theory, the Reed–Solomon code belongs to the class of non-binary cyclic error-correcting codes. The Reed–Solomon code is based on univariate polynomials over finite fields.It is able to detect and correct multiple symbol errors. By adding t check symbols to the data, a Reed–Solomon code can detect any combination of up to t erroneous symbols, or correct up to ⌊t/2⌋ symbols. As an erasure code, it can correct up to t known erasures, or it can detect and correct combinations of errors and erasures. Reed–Solomon codes are also suitable as multiple-burst bit-error correcting codes, since a sequence of b + 1 consecutive bit errors can affect at most two symbols of size b. The choice of t is up to the designer of the code, and may be selected within wide limits.
Check wikipedia for more info, https://en.wikipedia.org/wiki/Reed–Solomon_error_correction
Getting Started
Installing
Download binary release from https://github.com/wangyu-/tinyFecVPN/releases
Running
Assume your server ip is
44.55.66.77, you have a service listening on udp/tcp port 0.0.0.0:7777.# Run at server side:
./tinyvpn -s -l0.0.0.0:4096 -f20:10 -k "passwd" --sub-net 10.22.22.0
# Run at client side
./tinyvpn -c -r44.55.66.77:4096 -f20:10 -k "passwd" --sub-net 10.22.22.0
Now, use
10.22.22.1:7777 to connect to your service,all traffic will be improved by FEC. If you ping 10.22.22.1, you will get ping reply.Note
-f20:10 means sending 10 redundant packets for every 20 original packets.-k enables simple XOR encryptionAdvanced Topic
Usage
tinyFecVPN
git version: b03df1b586 build date: Oct 31 2017 19:46:50
repository: https://github.com/wangyu-/tinyFecVPN/
usage:
run as client: ./this_program -c -r server_ip:server_port [options]
run as server: ./this_program -s -l server_listen_ip:server_port [options]
common options, must be same on both sides:
-k,--key <string> key for simple xor encryption. if not set, xor is disabled
main options:
--sub-net <number> specify sub-net, for example: 192.168.1.0 , default: 10.22.22.0
--tun-dev <number> sepcify tun device name, for example: tun10, default: a random name such as tun987
-f,--fec x:y forward error correction, send y redundant packets for every x packets
--timeout <number> how long could a packet be held in queue before doing fec, unit: ms, default: 8ms
--mode <number> fec-mode,available values: 0, 1; 0 cost less bandwidth, 1 cost less latency;default: 0)
--report <number> turn on send/recv report, and set a period for reporting, unit: s
--keep-reconnect re-connect after lost connection,only for client.
advanced options:
--mtu <number> mtu. for mode 0, the program will split packet to segment smaller than mtu_value.
for mode 1, no packet will be split, the program just check if the mtu is exceed.
default value: 1250
-j,--jitter <number> simulated jitter. randomly delay first packet for 0~<number> ms, default value: 0.
do not use if you dont know what it means.
-i,--interval <number> scatter each fec group to a interval of <number> ms, to protect burst packet loss.
default value: 0. do not use if you dont know what it means.
--random-drop <number> simulate packet loss, unit: 0.01%. default value: 0
--disable-obscure <number> disable obscure, to save a bit bandwidth and cpu
developer options:
--tun-mtu <number > mtu of the tun interface,most time you shouldnt change this
--disable-mssfix <number > disable mssfix for tcp connection
-i,--interval imin:imax similiar to -i above, but scatter randomly between imin and imax
--fifo <string> use a fifo(named pipe) for sending commands to the running program, so that you
can change fec encode parameters dynamically, check readme.md in repository for
supported commands.
-j ,--jitter jmin:jmax similiar to -j above, but create jitter randomly between jmin and jmax
-i,--interval imin:imax similiar to -i above, but scatter randomly between imin and imax
-q,--queue-len <number> max fec queue len, only for mode 0
--decode-buf <number> size of buffer of fec decoder,u nit: packet, default: 2000
--fix-latency <number> try to stabilize latency, only for mode 0
--delay-capacity <number> max number of delayed packets
--disable-fec <number> completely disable fec, turn the program into a normal udp tunnel
--sock-buf <number> buf size for socket, >=10 and <=10240, unit: kbyte, default: 1024
log and help options:
--log-level <number> 0: never 1: fatal 2: error 3: warn
4: info (default) 5: debug 6: trace
--log-position enable file name, function name, line number in log
--disable-color disable log color
-h,--help print this help message
FEC Options
The program supports all options of UDPspeeder,check UDPspeeder repo for details:
Addtional Options
--tun-dev
Specify a tun device name to use. Example:
--tun-dev tun100.
If not set,tinyFecVPN will randomly chose a name,such as
tun987.
--sub-net
Specify the sub-net of VPN. Example:
--sub-net 10.10.10.0, in this way,server IP will be 10.10.10.1,client IP will be 10.10.10.2.
The last number of option should be zero, for exmaple
10.10.10.123 is invalild, and will be corrected automatically to 10.10.10.0.
--keep-reconnect
Only works at client side.
TinyFecVPN server only handles one client at same time,the connection of a new client will kick old client,after being kicked,old client will just exit by default.
If
--keep-reconnect is enabled , the client will try to get connection back after being kicked.Performance Test(throughput)
Server is a Vulr VPS in japan,CPU: single core 2.4GHz,ram: 512mb. Client is a Bandwagonhost VPS in USA,CPU: single core 2.0GHZ,ram: 96mb. To put pressure on the FEC algorithm, an additional 10% packet-loss rate was introduced at both direction.
Test command
Server side:
./tinyvpn_amd64 -s -l 0.0.0.0:5533 --mode 0 -f20:10
iperf3 -s
Client side:
./tinyvpn_amd64 -c -r 44.55.66.77:5533 --mode 0 -f20:10
iperf3 -c 10.22.22.1 -P10
Test result
Note: the performance is mainly limited by the RS code lib.
Other
For regulations consideration, there is currently an intended restriction at server side in the pre-released binaries. You cant use tinyFecVPN to access a third host directly. So, as a connection speed-up tool, when used alone, it only allows you to speed-up your connection to your server. You cant use it for bypassing firewalls by default.
You can easily get rid of this restriction by compiling the source code by yourself.
FROM https://github.com/wangyu-/tinyFecVPN
--------
#!/bin/bash
red='\e[91m'
green='\e[92m'
yellow='\e[93m'
none='\e[0m'
[[ $(id -u) != 0 ]] && echo -e " \n哎呀……请使用 ${red}root ${none}用户运行 ${yellow}~(^_^) ${none}\n" && exit 1
cmd="apt-get"
sys_bit=$(uname -m)
# 笨笨的检测方法
if [[ -f /usr/bin/apt-get ]] || [[ -f /usr/bin/yum ]]; then
if [[ -f /usr/bin/yum ]]; then
cmd="yum"
fi
else
echo -e " \n哈哈……这个 ${red}辣鸡脚本${none} 不支持你的系统。 ${yellow}(-_-) ${none}\n" && exit 1
fi
if [[ $sys_bit == "i386" || $sys_bit == "i686" ]]; then
tinyvpn="tinyvpn_x86"
elif [[ $sys_bit == "x86_64" ]]; then
tinyvpn="tinyvpn_amd64"
else
echo -e " \n$red毛支持你的系统....$none\n" && exit 1
fi
install() {
$cmd install wget -y
ver=$(curl -s https://api.github.com/repos/wangyu-/tinyFecVPN/releases/latest | grep 'tag_name' | cut -d\" -f4)
tinyFecVPN_download_link="https://github.com/wangyu-/tinyFecVPN/releases/download/$ver/tinyvpn_binaries.tar.gz"
mkdir -p /tmp/tinyFecVPN
if ! wget --no-check-certificate --no-cache -O "/tmp/tinyFecVPN.tar.gz" $tinyFecVPN_download_link; then
echo -e "$red 下载 tinyFecVPN 失败!$none" && exit 1
fi
tar zxf /tmp/tinyFecVPN.tar.gz -C /tmp/tinyFecVPN
cp -f /tmp/tinyFecVPN/$tinyvpn /usr/local/bin/tinyvpn
chmod +x /usr/local/bin/tinyvpn
if [[ -f /usr/local/bin/tinyvpn ]]; then
clear
echo -e "
$green tinyFecVPN 安装完成...$none
输入$yellow tinyvpn $none即可使用....
备注...这个脚本仅负责安装和卸载...
如何配置...后台运行...开鸡启动这些东西嘛...
大胸弟....你自己解决咯...
脚本问题反馈: https://github.com/233boy/tinyFecVPN/issues
tinyFecVPN 帮助或反馈: https://github.com/wangyu-/tinyFecVPN
"
else
echo -e " \n$red安装失败...$none\n"
fi
rm -rf /tmp/tinyFecVPN
rm -rf /tmp/tinyFecVPN.tar.gz
}
unistall() {
if [[ -f /usr/local/bin/tinyvpn ]]; then
tinyFecVPN_pid=$(pgrep "tinyvpn")
[ $tinyFecVPN_pid ] && kill -9 $tinyFecVPN_pid >/dev/null 2>&1
rm -rf /usr/local/bin/tinyvpn
echo -e " \n$green卸载完成...$none\n" && exit 1
else
echo -e " \n$red大胸弟...你貌似毛有安装 tinyFecVPN ....卸载个鸡鸡哦...$none\n" && exit 1
fi
}
error() {
echo -e "\n$red 输入错误!$none\n"
}
while :; do
echo
echo "........... tinyFecVPN 快速一键安装 by 233blog.com .........."
echo
echo "帮助说明: 等有空再水一篇文章...."
echo
echo " 1. 安装"
echo
echo " 2. 卸载"
echo
read -p "请选择[1-2]:" choose
case $choose in
1)
install
break
;;
2)
unistall
break
;;
*)
error
;;
esac
done
from https://raw.githubusercontent.com/233boy/tinyFecVPN/master/tinyFecVPN.sh
No comments:
Post a Comment