github/dndx-phantun
1
0
Fork 0
mirror of https://github.com/dndx/phantun.git synced 2025-01-18 22:09:30 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

docs(readme) add WireGuard MTU calculation steps

Browse Source
This commit is contained in:
Datong Sun 2021-09-19 02:59:50 -07:00
parent 3405dd38ed
commit 10468b48ce
1 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
README.md
View File

@ -6,6 +6,7 @@ Table of Contents
=================
* [Phantun](#phantun)
* [Latest release](#latest-release)
* [Overview](#overview)
* [Usage](#usage)
* [Enable Kernel IP forwarding](#enable-kernel-ip-forwarding)
@ -17,12 +18,17 @@ Table of Contents
* [Server](#server)
* [Client](#client)
* [MTU overhead](#mtu-overhead)
* [MTU calculation for [WireGuard®](https://www.wireguard.com)](#mtu-calculation-for-wireguardhttpswwwwireguardcom)
* [Version compatibility](#version-compatibility)
* [Performance](#performance)
* [Future plans](#future-plans)
* [Compariation to udp2raw](#compariation-to-udp2raw)
* [License](#license)
# Latest release
[v0.1.0](https://github.com/dndx/phantun/releases/tag/v0.1.0)
# Overview
Phanton is a project that obfuscated UDP packets into TCP connections. It aims to
@ -50,6 +56,8 @@ Phantun creates TUN interface for both the Client and Server. For Client, Phantu
`net.ipv4.ip_forward` enabled and setup appropriate iptables rules for NAT between your physical
NIC address and Phantun's TUN interface address.
[Back to TOC](#table-of-contents)
## Enable Kernel IP forwarding
Edit `/etc/sysctl.conf`, add `net.ipv4.ip_forward=1` and run `sudo sysctl -p /etc/sysctl.conf`.
@ -145,6 +153,27 @@ of obfuscation.
[Back to TOC](#table-of-contents)
## MTU calculation for [WireGuard®](https://www.wireguard.com)
For people who use Phantun to tunnel WireGuard UDP packets, here are some guidelines on figuring
out the correct MTU to use for your WireGuard interface.
WireGuard MTU = MAX\_OF\_16(Interface MTU - IP header (20 bytes) - TCP header (20 bytes) - WireGuard overhead (32 bytes))
Where:
MAX\_OF\_16 takes an input integer and calculates the maximum multiple of 16 not exceeding the input. This
is needed because WireGuard will always pad it's payloads to multiple of 16 bytes.
For example, for a Ethernet interface with 1500 bytes MTU, the WireGuard interface MTU should be set as:
MAX\_OF\_16(1500 - 20 - 20 - 32) = 1424 bytes
The resulted Phantun TCP data packet will be 1424 + 20 + 20 + 32 = 1496 bytes which does not exceed the
interface MTU of 1500.
[Back to TOC](#table-of-contents)
# Version compatibility
While the TCP stack is fairly stable, the general expectation is that you should run same minor versions