NetworkExtension NWUDPSession

Hi there, I use PacketTunnelProvider, tunneling data to local, then I create a udpsession and send UDP packets with this session. It runs perfectly, but after changing the interface (Wi-Fi to cellular or cellular to Wi-Fi) several times, or after sleep and wake-up several times, udpsession.setreadhandler stops working. I create rvi0 with rvictl -s and I see packets sent and received with tcpdump or Wireshark, but the session can't read packets. I create the session again, and it still doesn't work until I turn the VPN off and on completely.

Thanks for your advice and helps

Replies

Interesting. Does the same happen with NWTCPConnection if you create a new TCP connection after the interface change? Also, when the interface changes, does your NEPacketTunnelNetworkSettings need to change to accommodate routing the packet and that is why your NEPacketTunnelProvider needs to restart? Lastly, if you send the packet to your VPN server with something like NWConnection, does this work?

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

Thanks for your answer. I don't use a TCP connection, only udpsession, and I haven't tried NWConnection before. I tried reloading NEPacketTunnelNetworkSettings; it still doesn't work. Can I use NWConnection instead of NWUDPSession? What is the difference between NWConnection and NWUDPSession, and which is best to use? This is not always a problem when the interface is changed a few times.

Can I use NWConnection instead of NWUDPSession? What is the difference between NWConnection and NWUDPSession, and which is best to use? This is not always a problem when the interface is changed a few times.

You can use NWConnection here instead of NWUDPSession. The NWUDPSession is an in-provider Networking API that is available to you by the provider. NWConnection is a standalone UDP transport API that can be used for UDP transfer if you have a packet encapsulation routine that you are working with.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

Thanks Matt Eaton,

  • I searched for NWConnection, and I like it very much. But I couldn't find any documentation comparing NWConnection and NWUDPSession. Which one has better performance? Which one is more stable?
  • I want to encrypt our UDP packets (a specific port like 5098) and transfer them to the server. I also want to encrypt all DNS packets, so can I get only UDP packets from specific ports (DNS 53) with NWListener and then transfer them with NWConnection?

I use PacketTunnelProvider

Thanks for your help.

But I couldn't find any documentation comparing NWConnection and NWUDPSession. Which one has better performance? Which one is more stable?

I am not aware of any documentation like this. NWConnection is very similar to the in-provider networking APIs. The major difference is that it is a standalone networking API for TCP and UDP.

Regarding:

I want to encrypt our UDP packets (a specific port like 5098) and transfer them to the server. I also want to encrypt all DNS packets, so can I get only UDP packets from specific ports (DNS 53) with NWListener and then transfer them with NWConnection?

Sure, NWConnection will just transfer the datagram messages over the transport, it does not get in the way of your encapsulation routines.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

Hi Matt Eaton,

I used NWConnection and the problem still persists, usually within a day, when the device sleeps and wakes up or when the interface changes (Wi-Fi to cellular, cellular to Wi-Fi) several times. NWConnection.receiveMessage is always waiting and does not get data. I'm watching with Wireshark, and I see the packets without any problem.

I think this problem occurs when a few too many packets drop.

I used NWConnection and the problem still persists, usually within a day, when the device sleeps and wakes up or when the interface changes (Wi-Fi to cellular, cellular to Wi-Fi) several times. NWConnection.receiveMessage is always waiting and does not get data. I'm watching with Wireshark, and I see the packets without any problem.

Are you able to see a status update in the stateUpdateHandler for NWConnection to attempt to try the reconnection when these issues take place?

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
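One way to capture the state updates asked about above, so a stalled receive can be lined up against sleep/wake and Wi-Fi/cellular transitions. This is an added example, not code from the thread or from Apple; `MonitoredUDPConnection`, its members and the queue label are hypothetical names, and it goes slightly beyond the question by also logging viability and better-path events.

```swift
import Foundation
import Network

// Added example. MonitoredUDPConnection and its members are hypothetical names.
final class MonitoredUDPConnection {
    private let host: NWEndpoint.Host
    private let port: NWEndpoint.Port
    private let queue = DispatchQueue(label: "example.tunnel.udp") // assumed label
    private var connection: NWConnection?
    var onDatagram: ((Data) -> Void)?

    init(host: NWEndpoint.Host, port: NWEndpoint.Port) {
        self.host = host
        self.port = port
    }

    func start() { queue.async { self.open() } }

    private func log(_ message: String) { NSLog("%@", message) }

    // Replace the current connection. Callbacks from the old one are ignored
    // by the identity checks (conn === self.connection) below.
    private func open() {
        connection?.cancel()
        let conn = NWConnection(host: host, port: port, using: .udp)
        connection = conn
        conn.stateUpdateHandler = { [weak self, weak conn] state in
            guard let self = self, let conn = conn, conn === self.connection else { return }
            self.log("udp state: \(state)")
            switch state {
            case .ready: self.receiveNext(on: conn)
            case .failed: self.open()          // .waiting retries on its own
            default: break
            }
        }
        conn.viabilityUpdateHandler = { [weak self] viable in
            self?.log("udp viable: \(viable)") // false: path cannot carry data now
        }
        conn.betterPathUpdateHandler = { [weak self, weak conn] better in
            guard let self = self, let conn = conn, conn === self.connection, better else { return }
            self.log("udp better path available, reopening")
            self.open()
        }
        conn.start(queue: queue)
    }

    private func receiveNext(on conn: NWConnection) {
        conn.receiveMessage { [weak self] data, _, _, error in
            guard let self = self, conn === self.connection else { return }
            if let data = data, !data.isEmpty { self.onDatagram?(data) }
            if let error = error { self.log("udp receive error: \(error)"); return }
            self.receiveNext(on: conn)         // re-arm the one-shot receive
        }
    }
}
```

If the log shows `ready` and `viable: true` while `receiveMessage` never completes, the stall is not being reported through the connection's state.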

Are you able to see a status update in the stateUpdateHandler for NWConnection to attempt to try the reconnection when these issues take place?

no,

Sending connection packet, system receiving back response but not receiving connection packet. It happens more for DNS packets. I close the NWConnection and open it again, and the problem persists. The problem is solved when the VPN is turned off and on.

no,

Sending connection packet, system receiving back response but not receiving connection packet. It happens more for DNS packets. I close the NWConnection and open it again, and the problem persists. The problem is solved when the VPN is turned off and on.

It sounds like the VPN in this case is going down and maybe this is less to do with the remote side of the connection. In the container app, are you tracking the NEVPNStatus?

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

It sounds like the VPN in this case is going down and maybe this is less to do with the remote side of the connection. In the container app, are you tracking the NEVPNStatus?

NEVPNStatus is connected and NWConnection's status is also ready.

I've just realized: when I send an ICMP packet to our DNS it is unreachable, because I'm not waiting for the ICMP protocol, so I'm not routing ICMP packets. Could this be the problem?

Could this be the problem?

Not sure if this is exactly the problem but this could be one avenue to investigate. One other technique you could try is to re-establish a NWTCPConnection before the NWUDPSession is established. That way you know there is connectivity through the tunnel before trying to send a datagram.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com