MPTCP proxy setup at home: easier now! May 31 2022 Focus 0 comments MPTCP is easier than ever. (Photo by Valdemaras D. https://unsplash.com/@deko_lt on Unsplash unsplash.com) Thanks to a huge collaborative effort from various people and companies, getting the benefits of Multipath TCP: redundancy, bonding and handover is easier than ever! Indeed, recent GNU/Linux distributions like Ubuntu 22.04 LTS, Fedora 36, RHEL 9 and many more come with a recent Linux kernel having MPTCP support enabled. It is no longer necessary to modify the system to install and use alternative kernels and core applications to have Multipath TCP on client and server hosts. Here, we can show you an example by putting in place a simple MPTCP proxy on a Raspberry Pi 4 in a home network and on a basic server online. This works with any Raspberry 2 or newer but also with any similar devices, home gateways and servers as long as you can install a recent GNU/Linux distributions mentioned above. Server side The only requirement here is to have Ubuntu 22.04 (or later) installed with administration rights on your VPS or dedicated server. This is often easy as many cloud providers already have pre-installed Ubuntu 22.04 images: you simply have to select this distribution from a list and connect to your server. Once logged in, it is time to install some applications from the official Ubuntu repositories: sudo apt update sudo apt install shadowsocks-libev mptcpize rng-tools5 Shadowsocks needs to use MPTCP: sudo mptcpize enable shadowsocks-libev.service It also needs to accept connections from the outside world: sudo sed -i 's/"server":.*/"server":["::0","0.0.0.0"],/' \ /etc/shadowsocks-libev/config.json Please also note the password from this configuration file somewhere, it will be needed for the client: grep password /etc/shadowsocks-libev/config.json | cut -d\" -f4 Now shadowsocks can be restarted: sudo systemctl restart shadowsocks-libev.service That’s it! Client side Similar to the server side, the only requirement is to have Ubuntu 22.04 (or later) installed on your home device. This tutorial can be followed to help installing Ubuntu 22.04 on a Raspberry Pi. To use multiple networks, a USB dongle can be plugged in to connect to a 4G/5G network. Once logged in in a terminal, it is time to install the same applications as the ones installed on the server side: sudo apt update sudo apt install shadowsocks-libev mptcpize rng-tools5 Also here, Shadowsocks needs to use MPTCP: sudo mptcpize enable shadowsocks-libev.service More modifications of Shadowsocks configuration are needed, so the best is to open the JSON file with a text editor, e.g.: sudo nano /etc/shadowsocks-libev/config.json Make sure: The “server” key has the IP of your own server, e.g.: "server":["1.2.3.4"] The password is the same as the one set on the server side, e.g.: "password":"tessares" It is also needed to use “ss-local” application instead of “ss-server” to act as a local SOCKS TCP to MPTCP proxy: sudo systemctl edit shadowsocks-libev.service Then add: [Service] ExecStart= ExecStart=/usr/bin/ss-local -c $CONFFILE $DAEMON_ARGS (yes, two “ExecStart” to completely override the default command) One last step is to tell the kernel it can use multiple interfaces, e.g. here, the usb0 interface was used to reach Internet via the cellular network through 192.168.10.1 gateway: sudo ip mptcp limits set subflow 2 sudo ip mptcp endpoint add 192.168.10.2 dev usb0 subflow sudo ip rule add from 192.168.10.2 table 42 sudo ip route add default via 192.168.10.1 table 42 End User devices side Often, you can configure the whole system, just your browser or some specific apps to use this new TCP to MPTCP proxy by mentioning: Host: <IP of the Raspberry Pi> Port: 1080 Examples: Ubuntu: Settings → Network → Network Proxy → Manual → Socks MacOSx: System Preferences → Network → Advanced → Proxy → Socks iOS: Settings → WiFi Settings → <WiFi AP> → Manual Proxy Android: Settings → Network → <WiFi AP> → Edit → Advanced → Proxy Windows 11: Control Panel → Internet Options → Connections tab → LAN settings → Use a proxy server for your LAN → Active Bypass proxy server for local addresses → Advanced → Disable “Use the same proxy server for all protocols” → Socks For the tests, brave users can execute this useful command from a terminal: curl -x socks5h://<IP of the Raspberry Pi>:1080 http://example.com It is possible to check MPTCP is correctly used by executing any of these commands on either the proxy client or server when there is some MPTCP traffic in progress: nstat ss -Ma sudo tcpdump -n "tcp and port 8388 and tcp[tcpflags] & (tcp-syn) != 0" Notes In this setup, the “Upstream” Linux re-implementation of MPTCP with the MPTCPv1 protocol has been used. This implementation doesn’t support MPTCPv0 that was usually deployed before, e.g. on multipath-tcp.org and amiusingmptcp.de servers. This is then normal if these services tell the MPTCPv1 users they are not MPTCP(v0) capable. Please note that the work around the MPTCP “Upstream” implementation is still in progress. New features and other improvements, some of them present in the previous Linux fork project, are still being developed. Conclusion Thanks to the recent kernel and hours of work by multiple people, it is now just a matter of using “mptcpize” tool to force a generic application or service to use MPTCP instead of TCP. This work is supported by NGI POINTER (NGI Program for Open Internet Renovation) which has received funding from the European Commission, as part of the Horizon 2020 Research and Innovation Programme, under Grant Agreement Nº871528. Matthieu Baerts Share Related content Unbreakable Broadband Aug 17 2023 MPTCP application 0 comments Ottie, l’assurance connectivité du télétravailleur, maintenant disponible! Quelque soit votre activité, Ottie maintient votre connectivité. COMMUNIQUE DE PRESSE – LOUVAINLANEUVE, 17 […] + Read more Cellular Wi-Fi Convergence Feb 21 2023 MPTCP application 0 comments Wi-Fi Cellular Convergence Field Trials Photo credit: https://unsplash.com/@frostroomhead Mobile operators (MNOs and MVNOs) want their customers to be automatically always […] + Read more
Unbreakable Broadband Aug 17 2023 MPTCP application 0 comments Ottie, l’assurance connectivité du télétravailleur, maintenant disponible! Quelque soit votre activité, Ottie maintient votre connectivité. COMMUNIQUE DE PRESSE – LOUVAINLANEUVE, 17 […] + Read more
Cellular Wi-Fi Convergence Feb 21 2023 MPTCP application 0 comments Wi-Fi Cellular Convergence Field Trials Photo credit: https://unsplash.com/@frostroomhead Mobile operators (MNOs and MVNOs) want their customers to be automatically always […] + Read more