Development discussion of WireGuard
 help / color / mirror / Atom feed
From: Anatoli <me@anatoli.ws>
To: wireguard@lists.zx2c4.com
Subject: iOS push notification issues
Date: Mon, 18 Mar 2019 17:54:42 -0300	[thread overview]
Message-ID: <8de1afbc-d8c6-a474-c101-29840744f753@anatoli.ws> (raw)


[-- Attachment #1.1: Type: text/plain, Size: 1792 bytes --]

Hi Jason, all.

I have detected some issues with iOS push notifications with WG while 
the device is in sleep mode (screen turned off).

First of all, in spite of having KeepAlive set to 10-30 seconds, iOS 
devices don't send keepalive packets at all while the screen is turned 
off. The only thing that is more or less always received on the server 
is the handshake, every 170 seconds.

It appears that from time to time WG@iOS is not receiving communications 
from the server – the device doesn't respond to any incoming connections 
(over the tunnel).

Due to this, the incoming push notifications don't reach the device via 
the tunnel: I see on the server incoming connections from WhatsApp and 
Apple servers, the WG@server tries to forward them to the device, on the 
underlying iface I see outgoing WG UDP packets to the client, but no 
reply from it.

The device awakes some moment later (probably for the handshake), WG@iOS 
communicates with WG@server, iOS establishes a connection to the APNS 
and receives the notifications. The effect is that the notifications 
enter with a delay (up to 2-3 min) and some incoming calls are lost 
(i.e. not answered on time due to lack of notification).

Also, sometimes iOS devices are trying to connect to 17.0.0.0/8 network 
(which belongs to Apple and is related to APNS) /outside/ the tunnel. 
After this connection fails (due to the firewall not allowing anything 
outside VPN), the devices start disconnecting from the WiFi.

Any idea why this happens? I know there are issues with iOS devices 
entering sleep, this is a huge problem for OpenVPN Connect app. WG on 
iOS somehow manages to work during sleep, but not always. Most (about 
80%) of the notifications are received correctly during sleep, but some 
fail.

Regards,
Anatoli

[-- Attachment #1.2: Type: text/html, Size: 2457 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

                 reply	other threads:[~2019-03-20 22:43 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=8de1afbc-d8c6-a474-c101-29840744f753@anatoli.ws \
    --to=me@anatoli.ws \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).