Question about proper MPTCP configuration over VPN.

[PiotrKulesza]

Hello,

First some background before I get to the actual question:

I am a student and have to do a project that is using multipath protocols.

I'm a bit of a newbie when it comes to MPTCP, so my question may seem too simple for others. I'm trying to send a video stream from a client with two 4g modem interfaces to a server with one Ethernet interface. There is a VPN connection between the client and the server using the OpenVPN Access Server located in AWS. Below is the configuration of both machines:

• Client:

$ ip mp l
add_addr_accepted 0 subflows 2 
$ ip mp e
192.168.39.100 id 1 subflow dev enx0c5b8f279a64 
192.168.49.100 id 2 subflow dev eth1 

-Server:

$ ip mp l
add_addr_accepted 0 subflows 2 
$ ip mp e
172.16.1.12 id 1 signal dev tun0 

As you can see, the client in the endpoints has configured IPs assigned by the modems, but the server already has the VPN tunnel IP configured.

While testing this setup with Iperf, I noticed that data was being sent only on one modem, and the other was not being used.

However, mptcp monitor indicates that 2 connections occurred:

[       CREATED] token=ab2554da remid=0 locid=0 saddr4=172.16.1.13 daddr4=172.16.1.12 sport=38126 dport=7575
[   ESTABLISHED] token=ab2554da remid=0 locid=0 saddr4=172.16.1.13 daddr4=172.16.1.12 sport=38126 dport=7575
[       CREATED] token=ba387670 remid=0 locid=0 saddr4=172.16.1.13 daddr4=172.16.1.12 sport=38130 dport=7575
[   ESTABLISHED] token=ba387670 remid=0 locid=0 saddr4=172.16.1.13 daddr4=172.16.1.12 sport=38130 dport=7575
[        CLOSED] token=ba387670
[        CLOSED] token=ab2554da

Question:

Could someone more experienced tell me what I'm doing wrong or what I'm missing? Every tip is valuable.

[matttbe]

Hi,

I'm trying to send a video stream from a client with two 4g modem interfaces to a server with one Ethernet interface.

Just to be sure, is this video stream using TCP, not UDP?

There is a VPN connection between the client and the server using the OpenVPN Access Server located in AWS.

A VPN using a TCP connection, not UDP? Are you going to have TCP connections inside a TCP tunnel (which is not recommended, use a proxy instead to avoid TCP CC clash)

-Server:

$ ip mp l
add_addr_accepted 0 subflows 2 
$ ip mp e
172.16.1.12 id 1 signal dev tun0 

If the server has only one interface, there is no need to add an MPTCP endpoint. Also, I guess 'tun0' is not what you want: it should be the public-facing interface, except if your goal is to have MPTCP inside the tunnel?

While testing this setup with Iperf, I noticed that data was being sent only on one modem, and the other was not being used.

Which version of IPerf? Is it IPerf3? Because IPerf3 creates at least two connections (control + data), likely what you see via ip mptcp monitor.

Also, which version of the kernel are you using on both the client and the server? Please make sure you are using a recent enough kernel and up to date: ideally the last stable version, or the last LTS, (or an up-to-date LTS, ideally >= 6.1)

In your case, the client should create the second path using its second address. Are you using the same cellular networks? (some cellular networks still drop MPTCP options)
You can get more info about the created connections using ss and nstat: https://www.mptcp.dev/debugging.html