Networking

How to list headscale namespaces

To list namespaces (which are comparable to accounts) in headscale, run

headscale namespaces list

If you are running headscale via docker-compose, use e.g.

docker-compose exec headscale headscale namespaces list

Example output

ID | Name | Created            
1  | uli  | 2022-01-16 19:54:55
Posted by Uli Köhler in Headscale, Networking, VPN

How to connect tailscale to headscale server on Linux

Also see our guide on How to setup headscale server in 5 minutes using docker-compose

Assuming you are running your headscale server at https://headscale.mydomain.com and you have already created a namespace named mynamespace, use one of the following methods:

Pre-Authkeys method (recommended)

First, create a pre-authkey token which is valid for 24h on the server:

headscale preauthkeys create -e 24h -n mynamespace

or (docker-compose version)

docker-compose exec headscale headscale preauthkeys create -e 24h -n mynamespace

This will generate a pre-auth key such as 3215a1ce7967c11e8ea844b3e199d3c46f9f5e7b660b48fb which you can send to the user.

Now log in on the client using

tailscale up --login-server https://headscale.mydomain.com --authkey 3215a1ce7967c11e8ea844b3e199d3c46f9f5e7b660b48fb

Direct login method

tailscale up --login-server https://headscale.mydomain.com

On the client, this will show you a URL on the headscale server to open in your browser. That page will in turn give you a command that you need to run on the host running the headscale container. If you are running headscale using docker-compose, prepend docker-compose exec headscale to the command and replace NAMESPACE by the name of your namespace.

The only reason I don’t recommend this method is that it requires back-and-forth interaction between the user and the administrator, which I don’t consider practical.

Posted by Uli Köhler in Headscale, Linux, Networking, VPN

How to fix ufw [UFW BLOCK] message spamming syslog / dmesg

Problem:

In your syslog which you can see using

dmesg

you see a lot of [UFW BLOCK] messages like these:

[600810.355752] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=45.146.164.226 DST=10.0.0.130 LEN=40 TOS=0x00 PREC=0x00 TTL=251 ID=59316 PROTO=TCP SPT=48741 DPT=50713 WINDOW=1024 RES=0x00 SYN URGP=0 
[600831.477953] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=74.118.36.15 DST=10.0.0.130 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=59050 PROTO=TCP SPT=7527 DPT=23 WINDOW=14663 RES=0x00 SYN URGP=0 
[600853.366152] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=34.77.162.17 DST=10.0.0.130 LEN=44 TOS=0x00 PREC=0x00 TTL=253 ID=51373 PROTO=TCP SPT=50218 DPT=5900 WINDOW=1024 RES=0x00 SYN URGP=0 
[600876.538979] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=74.118.36.15 DST=10.0.0.130 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=59050 PROTO=TCP SPT=7527 DPT=23 WINDOW=14663 RES=0x00 SYN URGP=0 

Solution:

Disable ufw logging using

sudo ufw logging off

and no new messages should appear.
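Before switching logging off, it can be useful to see what the blocked traffic actually is. The following is an added example, not part of the original post: it summarises [UFW BLOCK] lines by source address and by protocol/destination port. The function names are illustrative; the sample input is the four lines quoted above plus two constructed lines.

```shell
#!/usr/bin/env bash
# Summarise [UFW BLOCK] kernel log lines by source address and by
# protocol/destination port. Function names are illustrative.

# Sample input: the four lines quoted in the post, plus two constructed lines
# (an ICMP packet from the documentation address 203.0.113.7, which has no
# DPT field, and an unrelated kernel message that must be ignored).
sample_ufw_log() {
cat <<'EOF'
[600810.355752] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=45.146.164.226 DST=10.0.0.130 LEN=40 TOS=0x00 PREC=0x00 TTL=251 ID=59316 PROTO=TCP SPT=48741 DPT=50713 WINDOW=1024 RES=0x00 SYN URGP=0
[600831.477953] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=74.118.36.15 DST=10.0.0.130 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=59050 PROTO=TCP SPT=7527 DPT=23 WINDOW=14663 RES=0x00 SYN URGP=0
[600853.366152] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=34.77.162.17 DST=10.0.0.130 LEN=44 TOS=0x00 PREC=0x00 TTL=253 ID=51373 PROTO=TCP SPT=50218 DPT=5900 WINDOW=1024 RES=0x00 SYN URGP=0
[600876.538979] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=74.118.36.15 DST=10.0.0.130 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=59050 PROTO=TCP SPT=7527 DPT=23 WINDOW=14663 RES=0x00 SYN URGP=0
[600900.000000] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=203.0.113.7 DST=10.0.0.130 LEN=84 TOS=0x00 PREC=0x00 TTL=55 ID=1 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
[600901.000000] enp0s3: unrelated kernel message
EOF
}

# Print "SRC PROTO DPT" for every [UFW BLOCK] line on stdin.
# A field that is absent (DPT on ICMP packets) is printed as "-".
ufw_block_fields() {
  awk '
    /\[UFW BLOCK\]/ {
      src = "-"; proto = "-"; dpt = "-"
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/)   src   = substr($i, 5)
        if ($i ~ /^PROTO=/) proto = substr($i, 7)
        if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
      }
      print src, proto, dpt
    }'
}

# Blocked packets per source address, most active source first.
ufw_top_sources() {
  ufw_block_fields \
    | awk '{ n[$1]++ } END { for (k in n) print n[k], k }' \
    | LC_ALL=C sort -k1,1nr -k2,2
}

# Blocked packets per protocol/destination port, most probed port first.
ufw_top_ports() {
  ufw_block_fields \
    | awk '{ n[$2 "/" $3]++ } END { for (k in n) print n[k], k }' \
    | LC_ALL=C sort -k1,1nr -k2,2
}

# Demo on the embedded sample. On a real host, feed the kernel log instead,
# e.g.:  sudo dmesg | ufw_top_ports
sample_ufw_log | ufw_top_sources
sample_ufw_log | ufw_top_ports
```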

Posted by Uli Köhler in Linux, Networking

How to fix Tasmota Upload Failed: Upload buffer miscompare on Nous A1T

Problem:

When trying to do a Tasmota firmware upgrade on the Nous A1T, you see this error message:

Upload Failed
Upload buffer miscompare


Solution:

This issue occurs because in the default configuration there is not enough flash space to flash the firmware.
However, this is easy to fix: First, flash the tasmota-minimal.bin.gz firmware, then flash the regular tasmota.bin.gz firmware using the web interface of the minimal firmware.

Download link for the minimal firmware
Download link for the regular firmware

After that, upgrades will work just fine.

Posted by Uli Köhler in Home-Assistant, MQTT

How to fix Tasmota MQT: Connect failed to …, rc 5

Problem:

On the Tasmota console, you see an error message like

17:56:11.326 MQT: Connect failed to 10.19.50.10:1883, rc 5. Retry in 50 sec

Solution:

Your MQTT username/password is wrong. Check if they match what you have configured in your server in the Tasmota MQTT configuration page.

Posted by Uli Köhler in MQTT

How to install Tailscale on Ubuntu in less than 1 minute

Just run this sequence of commands to install tailscale. This will automatically determine the correct Ubuntu version:

curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/$(lsb_release -sc).gpg | sudo apt-key add -
curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/$(lsb_release -sc).list | sudo tee /etc/apt/sources.list.d/tailscale.list
sudo apt-get update
sudo apt-get install tailscale

Posted by Uli Köhler in Networking, Wireguard

How to setup headscale server in 5 minutes using docker-compose

This headscale setup uses sqlite, which has a much lighter memory & CPU footprint than PostgreSQL for simple use cases. I recommend this for almost any installation: headscale doesn’t have to manage that many requests, and sqlite3 is fine for all but the most demanding setups.

First, create the directory where headscale and all the data will reside in (we use /opt/headscale in this example).

sudo mkdir -p /opt/headscale

Now run the following script in /opt/headscale to initialize the files and directories headscale requires:

mkdir -p ./config
touch ./config/db.sqlite
curl https://raw.githubusercontent.com/juanfont/headscale/main/config-example.yaml -o ./config/config.yaml

docker-compose config

Note: We have an alternate docker-compose config for use with Traefik as a reverse proxy, see Headscale docker-compose config for Traefik HTTPS reverse proxy

Now it’s time to create /opt/headscale/docker-compose.yml:

version: '3.5'
services:
  headscale:
    image: headscale/headscale:latest
    volumes:
      - ./config:/etc/headscale/
      - ./data:/var/lib/headscale
    ports:
      - 27896:8080
    command: headscale serve
    restart: unless-stopped

This will configure headscale to run its HTTP server on port 27896. You can reverse proxy this port to the domain of your choice.

Configuration

Now we should edit the server name in config/config.yaml:

server_url: https://headscale.mydomain.com

Note that you need to restart tailscale after each

Next, see How to create namespace on headscale server for details on how you can create a namespace. Once you have created a namespace (comparable to an account on the commercial tailscale service), you can continue connecting clients (the client software is called tailscale), see e.g. How to connect tailscale to headscale server on Linux

Autostart

Using the method described in our previous post Create a systemd service for your docker-compose project in 10 seconds, we will now set up autostart on boot for headscale using systemd. This command will also start it immediately:

curl -fsSL https://techoverflow.net/scripts/create-docker-compose-service.sh | sudo bash /dev/stdin

How to view the logs

Use this command to view & follow the logs:

docker-compose logs -f

Example output

headscale_1  | [GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.
headscale_1  | 
headscale_1  | [GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
headscale_1  |  - using env:    export GIN_MODE=release
headscale_1  |  - using code:   gin.SetMode(gin.ReleaseMode)
headscale_1  | 
headscale_1  | [GIN-debug] GET    /metrics                  --> github.com/zsais/go-gin-prometheus.prometheusHandler.func1 (4 handlers)
headscale_1  | [GIN-debug] GET    /health                   --> github.com/juanfont/headscale.(*Headscale).Serve.func2 (4 handlers)
headscale_1  | [GIN-debug] GET    /key                      --> github.com/juanfont/headscale.(*Headscale).KeyHandler-fm (4 handlers)
headscale_1  | [GIN-debug] GET    /register                 --> github.com/juanfont/headscale.(*Headscale).RegisterWebAPI-fm (4 handlers)
headscale_1  | [GIN-debug] POST   /machine/:id/map          --> github.com/juanfont/headscale.(*Headscale).PollNetMapHandler-fm (4 handlers)
headscale_1  | [GIN-debug] POST   /machine/:id              --> github.com/juanfont/headscale.(*Headscale).RegistrationHandler-fm (4 handlers)
headscale_1  | [GIN-debug] GET    /oidc/register/:mkey      --> github.com/juanfont/headscale.(*Headscale).RegisterOIDC-fm (4 handlers)
headscale_1  | [GIN-debug] GET    /oidc/callback            --> github.com/juanfont/headscale.(*Headscale).OIDCCallback-fm (4 handlers)
headscale_1  | [GIN-debug] GET    /apple                    --> github.com/juanfont/headscale.(*Headscale).AppleMobileConfig-fm (4 handlers)
headscale_1  | [GIN-debug] GET    /apple/:platform          --> github.com/juanfont/headscale.(*Headscale).ApplePlatformConfig-fm (4 handlers)
headscale_1  | [GIN-debug] GET    /swagger                  --> github.com/juanfont/headscale.SwaggerUI (4 handlers)
headscale_1  | [GIN-debug] GET    /swagger/v1/openapiv2.json --> github.com/juanfont/headscale.SwaggerAPIv1 (4 handlers)
headscale_1  | [GIN-debug] GET    /api/v1/*any              --> github.com/gin-gonic/gin.WrapF.func1 (5 handlers)
headscale_1  | [GIN-debug] POST   /api/v1/*any              --> github.com/gin-gonic/gin.WrapF.func1 (5 handlers)
headscale_1  | [GIN-debug] PUT    /api/v1/*any              --> github.com/gin-gonic/gin.WrapF.func1 (5 handlers)
headscale_1  | [GIN-debug] PATCH  /api/v1/*any              --> github.com/gin-gonic/gin.WrapF.func1 (5 handlers)
headscale_1  | [GIN-debug] HEAD   /api/v1/*any              --> github.com/gin-gonic/gin.WrapF.func1 (5 handlers)
headscale_1  | [GIN-debug] OPTIONS /api/v1/*any              --> github.com/gin-gonic/gin.WrapF.func1 (5 handlers)
headscale_1  | [GIN-debug] DELETE /api/v1/*any              --> github.com/gin-gonic/gin.WrapF.func1 (5 handlers)
headscale_1  | [GIN-debug] CONNECT /api/v1/*any              --> github.com/gin-gonic/gin.WrapF.func1 (5 handlers)
headscale_1  | [GIN-debug] TRACE  /api/v1/*any              --> github.com/gin-gonic/gin.WrapF.func1 (5 handlers)
headscale_1  | 2022-01-16T19:04:04Z WRN Listening without TLS but ServerURL does not start with http://
headscale_1  | 2022-01-16T19:04:04Z INF listening and serving (multiplexed HTTP and gRPC) on: 0.0.0.0:8080
headscale_1  | 2022-01-16T19:04:04Z INF Setting up a DERPMap update worker frequency=86400000

Posted by Uli Köhler in Headscale, Networking, VPN, Wireguard

Traefik wildcard Lets Encrypt certificate reverse proxy example

The following example builds on our config from Simple Traefik docker-compose setup with Lets Encrypt Cloudflare DNS-01 & TLS-ALPN-01 & HTTP-01 challenges

This config (placed in /etc/traefik/conf/myservice.toml – which is mapped to ./conf/myservice.toml i.e. /opt/traefik/conf/myservice.toml in our docker-compose example) generates a wildcard certificate for *.mydomain.com (also including just mydomain.com) using the cloudflare certificate provider and uses said wildcard certificate for myservice.mydomain.com and any other *.mydomain.com backends you have configured.

This config will reverse proxy all traffic on myservice.mydomain.com to 192.168.178.233:8080

# Host
[http.routers.myservice]
rule = "Host(`myservice.mydomain.com`)"
service = "myservice"

# Backend
[http.services]
[http.services.myservice.loadBalancer]
[[http.services.myservice.loadBalancer.servers]]
url = "http://192.168.178.233:8080/"

# Certificates
[http.routers.myservice.tls]
certresolver = "cloudflare"
[[http.routers.myservice.tls.domains]]
main = "mydomain.com"
sans = ["*.mydomain.com"]

Note that cloudflare in certresolver = "cloudflare" refers to the provider configured using

--certificatesresolvers.cloudflare....

but you can choose any other name with the cloudflare method, such as --certificatesresolvers.myprovider.acme.dnschallenge.provider=cloudflare, in which case the provider will be referred to as myprovider!

Posted by Uli Köhler in Networking, Traefik

Simple Traefik docker-compose setup with Lets Encrypt Cloudflare DNS-01 & TLS-ALPN-01 & HTTP-01 challenges

This is my setup using docker-compose to start Traefik, supporting all major encryption providers. I recommend creating the /opt/traefik directory and saving the following file as /opt/traefik/docker-compose.yml. This config has the file and docker providers enabled by default.

version: "3.4"
services:
  traefik:
    image: "traefik:v2.8"
    network_mode: "host" 
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.file.directory=/etc/traefik/conf"
      - "--providers.file.watch=true"
      - "--entrypoints.web.address=:80"
      - "--entryPoints.web.http.redirections.entryPoint.to=websecure"
      - "--entryPoints.web.http.redirections.entryPoint.scheme=https"
      - "--entrypoints.websecure.address=:443"
      - "--log.level=info"
      - "--serversTransport.insecureSkipVerify=true"
#
      - "--certificatesresolvers.cloudflare.acme.dnschallenge=true"
      - "--certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare"
      - "--certificatesresolvers.cloudflare.acme.dnschallenge.resolvers=1.1.1.1:53,1.0.0.1:53"
      - "--certificatesresolvers.cloudflare.acme.caserver=https://acme-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.cloudflare.acme.email=letsencrypt@mydomain.com"
      - "--certificatesresolvers.cloudflare.acme.KeyType=EC256"
      - "--certificatesresolvers.cloudflare.acme.storage=/letsencrypt/acme.json"
#
      - "--certificatesresolvers.cloudflare-staging.acme.dnschallenge=true"
      - "--certificatesresolvers.cloudflare-staging.acme.dnschallenge.provider=cloudflare"
      - "--certificatesresolvers.cloudflare-staging.acme.dnschallenge.resolvers=1.1.1.1:53,1.0.0.1:53"
      - "--certificatesresolvers.cloudflare-staging.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.cloudflare-staging.acme.email=letsencrypt@mydomain.com"
      - "--certificatesresolvers.cloudflare-staging.acme.KeyType=EC256"
      - "--certificatesresolvers.cloudflare-staging.acme.storage=/letsencrypt/acme.json"
#
      - "--certificatesresolvers.alpn.acme.tlsChallenge=true"
      - "--certificatesresolvers.alpn.acme.caserver=https://acme-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.alpn.acme.email=letsencrypt@mydomain.com"
      - "--certificatesresolvers.alpn.acme.KeyType=EC256"
      - "--certificatesresolvers.alpn.acme.storage=/letsencrypt/acme.json"
#
      - "--certificatesresolvers.alpn-staging.acme.tlsChallenge=true"
      - "--certificatesresolvers.alpn-staging.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.alpn-staging.acme.email=letsencrypt@mydomain.com"
      - "--certificatesresolvers.alpn-staging.acme.KeyType=EC256"
      - "--certificatesresolvers.alpn-staging.acme.storage=/letsencrypt/acme.json"
    environment:
      - CLOUDFLARE_EMAIL=CLOUDFLARE_EMAIL_HERE
      - CLOUDFLARE_API_KEY=XYZABC123
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./conf:/etc/traefik/conf:ro"

Replace letsencrypt@mydomain.com by the email address to register certificates to. Also make sure to change

- CLOUDFLARE_EMAIL=CLOUDFLARE_EMAIL_HERE
- CLOUDFLARE_API_KEY=XYZABC123

Optionally, create a Pilot token and set it (don’t forget to un-comment the line) using

# - "--pilot.token=PILOT_TOKEN_HERE"

Now let’s make the service autostart on boot (and start it right now) using the method detailed in docker-compose systemd .service generator: Run the following in /opt/traefik

curl -fsSL https://techoverflow.net/scripts/create-docker-compose-service.sh | sudo bash /dev/stdin

We will detail how to get access to the Traefik API in followup posts.
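The compose file above enables several settings that widen exposure: --api.insecure=true, --serversTransport.insecureSkipVerify=true, host networking and an API key written into the file. The following is an added example, not part of the original post: a small check that reports these settings in a compose file read from stdin. The function names are illustrative, the first sample is an excerpt of the config above, and the second sample is a constructed variant.

```shell
#!/usr/bin/env bash
# Report the settings in a Traefik docker-compose.yml (read from stdin) that
# widen exposure. Function names and the second sample are illustrative.

traefik_compose_findings() {
  awk '
    /^[ \t]*#/ { next }                       # ignore commented-out lines
    { line = tolower($0) }                    # Traefik flag names are case-insensitive
    line ~ /--api\.insecure=true/                        { api = 1 }
    line ~ /--serverstransport\.insecureskipverify=true/ { skip = 1 }
    line ~ /network_mode:[ \t]*"?host/                   { host = 1 }
    # A literal value after "=" (anything but a ${VAR} reference) means the
    # secret itself is stored in the file.
    line ~ /cloudflare_api_key=[^$ \t]/                  { key = 1 }
    END {
      if (api)         print "api.insecure: API and dashboard answer without authentication on port 8080"
      if (api && host) print "network_mode host: that port is bound on the host itself"
      if (skip)        print "serversTransport.insecureSkipVerify: backend TLS certificates are not verified"
      if (key)         print "CLOUDFLARE_API_KEY: the key is stored in plain text in the compose file"
    }'
}

# Excerpt of the docker-compose.yml from the post.
sample_compose_from_post() {
cat <<'EOF'
version: "3.4"
services:
  traefik:
    image: "traefik:v2.8"
    network_mode: "host"
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--serversTransport.insecureSkipVerify=true"
    environment:
      - CLOUDFLARE_API_KEY=XYZABC123
EOF
}

# Constructed variant: the insecure API is commented out, backend certificates
# are verified again (flag removed), and the key is taken from the environment
# of the shell (or an .env file) that runs docker-compose.
sample_compose_tightened() {
cat <<'EOF'
version: "3.4"
services:
  traefik:
    image: "traefik:v2.8"
    network_mode: "host"
    command:
      # - "--api.insecure=true"
      - "--providers.docker=true"
    environment:
      - CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
EOF
}

# Demo on the embedded samples. For a real file:
#   traefik_compose_findings < /opt/traefik/docker-compose.yml
sample_compose_from_post | traefik_compose_findings
sample_compose_tightened | traefik_compose_findings
```

With host networking the unauthenticated API port is only kept private by the host firewall, so check that port 8080 is not allowed there if --api.insecure=true stays enabled.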

Posted by Uli Köhler in Networking, Traefik

Oracle Cloud Always Free Tier ARM network ping

Also see: Oracle Cloud Always Free Tier ARM network speedtest

We tested Oracle Cloud free tier network performance on 2022-01-16 using:

  • Ubuntu 20.04
  • 3 cores, 23 GB memory => listed network bandwidth of 3 Gbps
  • We only tested Frankfurt AD2. In some less systematic tests using speedtest, AD2 performed significantly better

Ping to Cloudflare

ubuntu@instance-20220116-0316:~$ ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=62 time=0.920 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=62 time=1.03 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=62 time=0.901 ms
64 bytes from 1.1.1.1: icmp_seq=4 ttl=62 time=1.00 ms
64 bytes from 1.1.1.1: icmp_seq=5 ttl=62 time=1.00 ms

Ping to Google

ubuntu@instance-20220116-0316:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=122 time=0.826 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=122 time=0.829 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=122 time=0.801 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=122 time=0.996 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=122 time=0.842 ms
64 bytes from 8.8.8.8: icmp_seq=6 ttl=122 time=0.840 ms

Traceroute to Cloudflare

ubuntu@instance-20220116-0316:~$ traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
 1  140.91.198.100 (140.91.198.100)  0.230 ms  0.175 ms 140.91.198.158 (140.91.198.158)  0.099 ms
 2  oracle-svc071177-lag003320.ip.twelve99-cust.net (213.248.69.249)  16.004 ms  50.135 ms  50.095 ms
 3  ffm-b11-link.ip.twelve99.net (213.248.69.248)  1.045 ms  1.132 ms  0.862 ms
 4  cloudflare-ic328337-ffm-b11.ip.twelve99-cust.net (62.115.144.199)  1.142 ms  7.372 ms  1.690 ms
 5  one.one.one.one (1.1.1.1)  0.733 ms  0.746 ms  0.724 ms

Traceroute to Google

ubuntu@instance-20220116-0316:~$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  140.91.198.103 (140.91.198.103)  0.268 ms 140.91.198.98 (140.91.198.98)  0.224 ms 140.91.198.103 (140.91.198.103)  0.214 ms
 2  ipv4.de-cix.fra.de.as31898.oracle.com (80.81.196.168)  0.412 ms  1.479 ms 185.1.102.135 (185.1.102.135)  0.574 ms
 3  ipv4.de-cix.fra.de.as15169.google.com (80.81.193.108)  0.714 ms 185.1.102.59 (185.1.102.59)  1.172 ms  1.132 ms
 4  108.170.251.129 (108.170.251.129)  0.688 ms 108.170.251.193 (108.170.251.193)  1.110 ms 108.170.251.129 (108.170.251.129)  0.705 ms
 5  142.251.64.183 (142.251.64.183)  0.812 ms 142.250.62.151 (142.250.62.151)  1.061 ms 142.250.214.201 (142.250.214.201)  0.708 ms
 6  dns.google (8.8.8.8)  0.918 ms  0.885 ms  0.716 ms

Posted by Uli Köhler in Networking

Oracle Cloud Always Free Tier ARM network speedtest

Also see: Oracle Cloud Always Free Tier ARM network ping

We tested Oracle Cloud free tier network performance on 2022-01-16 using:

  • Ubuntu 20.04
  • 3 cores, 23 GB memory => listed network bandwidth of 3 Gbps
  • We only tested Frankfurt AD2. In some less systematic tests using speedtest, AD2 performed significantly better (900Mbps AD2 instead of around 600Mbps AD1&AD3).

Speedtest results

ubuntu@instance-20220116-0316:~$ speedtest
Retrieving speedtest.net configuration...
Testing from Oracle Corporation (141.144.237.76)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by teliko GmbH (Limburg) [50.94 km]: 2.456 ms
Testing download speed................................................................................
Download: 901.05 Mbit/s
Testing upload speed......................................................................................................
Upload: 918.25 Mbit/s

iperf egress results

ubuntu@instance-20220116-0316:~$ iperf3 -c speedtest.wtnet.de -p 5200 -P 10 -4
Connecting to host speedtest.wtnet.de, port 5200
[  5] local 10.0.0.130 port 45868 connected to 213.209.106.95 port 5200
[  7] local 10.0.0.130 port 45870 connected to 213.209.106.95 port 5200
[  9] local 10.0.0.130 port 45872 connected to 213.209.106.95 port 5200
[ 11] local 10.0.0.130 port 45874 connected to 213.209.106.95 port 5200
[ 13] local 10.0.0.130 port 45876 connected to 213.209.106.95 port 5200
[ 15] local 10.0.0.130 port 45878 connected to 213.209.106.95 port 5200
[ 17] local 10.0.0.130 port 45880 connected to 213.209.106.95 port 5200
[ 19] local 10.0.0.130 port 45882 connected to 213.209.106.95 port 5200
[ 21] local 10.0.0.130 port 45884 connected to 213.209.106.95 port 5200
[ 23] local 10.0.0.130 port 45886 connected to 213.209.106.95 port 5200
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec  21.6 MBytes   181 Mbits/sec  1434    208 KBytes       
[  7]   0.00-1.00   sec  25.6 MBytes   214 Mbits/sec  2056   69.3 KBytes       
[  9]   0.00-1.00   sec  32.3 MBytes   271 Mbits/sec  2737    230 KBytes       
[ 11]   0.00-1.00   sec  13.1 MBytes   110 Mbits/sec  447   18.4 KBytes       
[ 13]   0.00-1.00   sec  24.4 MBytes   205 Mbits/sec  2349   65.0 KBytes       
[ 15]   0.00-1.00   sec  18.1 MBytes   152 Mbits/sec  1428   43.8 KBytes       
[ 17]   0.00-1.00   sec  17.3 MBytes   145 Mbits/sec  1146   77.8 KBytes       
[ 19]   0.00-1.00   sec  16.3 MBytes   136 Mbits/sec  1022   77.8 KBytes       
[ 21]   0.00-1.00   sec  18.1 MBytes   152 Mbits/sec  1260   79.2 KBytes       
[ 23]   0.00-1.00   sec  16.7 MBytes   140 Mbits/sec  1353   50.9 KBytes       
[SUM]   0.00-1.00   sec   203 MBytes  1.71 Gbits/sec  15232             
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   1.00-2.00   sec  21.2 MBytes   178 Mbits/sec   15    123 KBytes       
[  7]   1.00-2.00   sec  7.50 MBytes  62.9 Mbits/sec   30   38.2 KBytes       
[  9]   1.00-2.00   sec  18.8 MBytes   157 Mbits/sec   47    150 KBytes       
[ 11]   1.00-2.00   sec  6.25 MBytes  52.4 Mbits/sec  584   83.4 KBytes       
[ 13]   1.00-2.00   sec  8.75 MBytes  73.4 Mbits/sec   78   80.6 KBytes       
[ 15]   1.00-2.00   sec  11.2 MBytes  94.4 Mbits/sec   45   59.4 KBytes       
[ 17]   1.00-2.00   sec  10.0 MBytes  83.9 Mbits/sec   73   93.3 KBytes       
[ 19]   1.00-2.00   sec  8.75 MBytes  73.4 Mbits/sec   40   73.5 KBytes       
[ 21]   1.00-2.00   sec  15.0 MBytes   126 Mbits/sec   16    140 KBytes       
[ 23]   1.00-2.00   sec  8.75 MBytes  73.4 Mbits/sec   19   76.4 KBytes       
[SUM]   1.00-2.00   sec   116 MBytes   975 Mbits/sec  947             
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   2.00-3.00   sec  13.8 MBytes   115 Mbits/sec   37   99.0 KBytes       
[  7]   2.00-3.00   sec  8.75 MBytes  73.4 Mbits/sec   23   73.5 KBytes       
[  9]   2.00-3.00   sec  11.2 MBytes  94.4 Mbits/sec   28   74.9 KBytes       
[ 11]   2.00-3.00   sec  10.0 MBytes  83.9 Mbits/sec   44   65.0 KBytes       
[ 13]   2.00-3.00   sec  10.0 MBytes  83.9 Mbits/sec   53   65.0 KBytes       
[ 15]   2.00-3.00   sec  11.2 MBytes  94.4 Mbits/sec   21   90.5 KBytes       
[ 17]   2.00-3.00   sec  12.5 MBytes   105 Mbits/sec   24   79.2 KBytes       
[ 19]   2.00-3.00   sec  10.0 MBytes  83.9 Mbits/sec   30   84.8 KBytes       
[ 21]   2.00-3.00   sec  16.2 MBytes   136 Mbits/sec   55    105 KBytes       
[ 23]   2.00-3.00   sec  8.75 MBytes  73.4 Mbits/sec   26   69.3 KBytes       
[SUM]   2.00-3.00   sec   112 MBytes   944 Mbits/sec  341             
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   3.00-4.00   sec  12.5 MBytes   105 Mbits/sec   44   84.8 KBytes       
[  7]   3.00-4.00   sec  11.2 MBytes  94.4 Mbits/sec   25   76.4 KBytes       
[  9]   3.00-4.00   sec  12.5 MBytes   105 Mbits/sec   34   99.0 KBytes       
[ 11]   3.00-4.00   sec  10.0 MBytes  83.9 Mbits/sec   21   73.5 KBytes       
[ 13]   3.00-4.00   sec  10.0 MBytes  83.9 Mbits/sec   62   70.7 KBytes       
[ 15]   3.00-4.00   sec  13.8 MBytes   115 Mbits/sec   84    117 KBytes       
[ 17]   3.00-4.00   sec  13.8 MBytes   115 Mbits/sec   22    105 KBytes       
[ 19]   3.00-4.00   sec  11.2 MBytes  94.4 Mbits/sec   20    110 KBytes       
[ 21]   3.00-4.00   sec  12.5 MBytes   105 Mbits/sec   26   70.7 KBytes       
[ 23]   3.00-4.00   sec  10.0 MBytes  83.9 Mbits/sec   46   73.5 KBytes       
[SUM]   3.00-4.00   sec   118 MBytes   986 Mbits/sec  384             
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   4.00-5.00   sec  13.8 MBytes   115 Mbits/sec   10    105 KBytes       
[  7]   4.00-5.00   sec  11.2 MBytes  94.4 Mbits/sec   43    113 KBytes       
[  9]   4.00-5.00   sec  12.5 MBytes   105 Mbits/sec   34   63.6 KBytes       
[ 11]   4.00-5.00   sec  13.8 MBytes   115 Mbits/sec   34   96.2 KBytes       
[ 13]   4.00-5.00   sec  8.75 MBytes  73.4 Mbits/sec   58   69.3 KBytes       
[ 15]   4.00-5.00   sec  8.75 MBytes  73.4 Mbits/sec   61   45.2 KBytes       
[ 17]   4.00-5.00   sec  11.2 MBytes  94.4 Mbits/sec   30   67.9 KBytes       
[ 19]   4.00-5.00   sec  11.2 MBytes  94.4 Mbits/sec   73   74.9 KBytes       
[ 21]   4.00-5.00   sec  8.75 MBytes  73.4 Mbits/sec   25   63.6 KBytes       
[ 23]   4.00-5.00   sec  15.0 MBytes   126 Mbits/sec    1    123 KBytes       
[SUM]   4.00-5.00   sec   115 MBytes   965 Mbits/sec  369             
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   5.00-6.00   sec  15.0 MBytes   126 Mbits/sec   28    117 KBytes       
[  7]   5.00-6.00   sec  16.2 MBytes   136 Mbits/sec    4    170 KBytes       
[  9]   5.00-6.00   sec  10.0 MBytes  83.9 Mbits/sec   64   77.8 KBytes       
[ 11]   5.00-6.00   sec  11.2 MBytes  94.4 Mbits/sec   34   99.0 KBytes       
[ 13]   5.00-6.00   sec  10.0 MBytes  83.9 Mbits/sec   27   79.2 KBytes       
[ 15]   5.00-6.00   sec  8.75 MBytes  73.4 Mbits/sec   17   63.6 KBytes       
[ 17]   5.00-6.00   sec  11.2 MBytes  94.4 Mbits/sec   21   93.3 KBytes       
[ 19]   5.00-6.00   sec  8.75 MBytes  73.4 Mbits/sec   47   59.4 KBytes       
[ 21]   5.00-6.00   sec  8.75 MBytes  73.4 Mbits/sec   32   55.1 KBytes       
[ 23]   5.00-6.00   sec  15.0 MBytes   126 Mbits/sec   72   87.7 KBytes       
[SUM]   5.00-6.00   sec   115 MBytes   965 Mbits/sec  346             
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   6.00-7.00   sec  11.2 MBytes  94.4 Mbits/sec   78   73.5 KBytes       
[  7]   6.00-7.00   sec  16.2 MBytes   136 Mbits/sec   37    110 KBytes       
[  9]   6.00-7.00   sec  10.0 MBytes  83.9 Mbits/sec   53   39.6 KBytes       
[ 11]   6.00-7.00   sec  7.50 MBytes  62.9 Mbits/sec   43   53.7 KBytes       
[ 13]   6.00-7.00   sec  13.8 MBytes   115 Mbits/sec   16    106 KBytes       
[ 15]   6.00-7.00   sec  8.75 MBytes  73.4 Mbits/sec   20   59.4 KBytes       
[ 17]   6.00-7.00   sec  13.8 MBytes   115 Mbits/sec   34   72.1 KBytes       
[ 19]   6.00-7.00   sec  10.0 MBytes  83.9 Mbits/sec   45   46.7 KBytes       
[ 21]   6.00-7.00   sec  10.0 MBytes  83.9 Mbits/sec   32   74.9 KBytes       
[ 23]   6.00-7.00   sec  13.8 MBytes   115 Mbits/sec   15    154 KBytes       
[SUM]   6.00-7.00   sec   115 MBytes   965 Mbits/sec  373             
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   7.00-8.00   sec  8.75 MBytes  73.4 Mbits/sec   44   45.2 KBytes       
[  7]   7.00-8.00   sec  17.5 MBytes   147 Mbits/sec   38    165 KBytes       
[  9]   7.00-8.00   sec  7.50 MBytes  62.9 Mbits/sec   29   72.1 KBytes       
[ 11]   7.00-8.00   sec  11.2 MBytes  94.4 Mbits/sec   21   86.3 KBytes       
[ 13]   7.00-8.00   sec  12.5 MBytes   105 Mbits/sec   29   93.3 KBytes       
[ 15]   7.00-8.00   sec  10.0 MBytes  83.9 Mbits/sec   16   99.0 KBytes       
[ 17]   7.00-8.00   sec  11.2 MBytes  94.4 Mbits/sec   53   70.7 KBytes       
[ 19]   7.00-8.00   sec  7.50 MBytes  62.9 Mbits/sec   45   63.6 KBytes       
[ 21]   7.00-8.00   sec  10.0 MBytes  83.9 Mbits/sec   43   62.2 KBytes       
[ 23]   7.00-8.00   sec  18.8 MBytes   157 Mbits/sec   32    151 KBytes       
[SUM]   7.00-8.00   sec   115 MBytes   965 Mbits/sec  350             
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   8.00-9.00   sec  10.0 MBytes  83.9 Mbits/sec   25   80.6 KBytes       
[  7]   8.00-9.00   sec  18.8 MBytes   157 Mbits/sec   41    103 KBytes       
[  9]   8.00-9.00   sec  11.2 MBytes  94.4 Mbits/sec   34   72.1 KBytes       
[ 11]   8.00-9.00   sec  13.8 MBytes   115 Mbits/sec    5    158 KBytes       
[ 13]   8.00-9.00   sec  10.0 MBytes  83.9 Mbits/sec   68   67.9 KBytes       
[ 15]   8.00-9.00   sec  11.2 MBytes  94.4 Mbits/sec   58   65.0 KBytes       
[ 17]   8.00-9.00   sec  8.75 MBytes  73.4 Mbits/sec   33   65.0 KBytes       
[ 19]   8.00-9.00   sec  10.0 MBytes  83.9 Mbits/sec   19    105 KBytes       
[ 21]   8.00-9.00   sec  8.75 MBytes  73.4 Mbits/sec   30   58.0 KBytes       
[ 23]   8.00-9.00   sec  10.0 MBytes  83.9 Mbits/sec   40   76.4 KBytes       
[SUM]   8.00-9.00   sec   112 MBytes   944 Mbits/sec  353             
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   9.00-10.00  sec  12.5 MBytes   105 Mbits/sec   29    102 KBytes       
[  7]   9.00-10.00  sec  12.5 MBytes   105 Mbits/sec   57   89.1 KBytes       
[  9]   9.00-10.00  sec  10.0 MBytes  83.9 Mbits/sec   65   77.8 KBytes       
[ 11]   9.00-10.00  sec  13.8 MBytes   115 Mbits/sec   38   69.3 KBytes       
[ 13]   9.00-10.00  sec  12.5 MBytes   105 Mbits/sec   30   63.6 KBytes       
[ 15]   9.00-10.00  sec  10.0 MBytes  83.9 Mbits/sec   27   76.4 KBytes       
[ 17]   9.00-10.00  sec  10.0 MBytes  83.9 Mbits/sec   27    107 KBytes       
[ 19]   9.00-10.00  sec  16.2 MBytes   136 Mbits/sec   43    103 KBytes       
[ 21]   9.00-10.00  sec  10.0 MBytes  83.9 Mbits/sec   23   72.1 KBytes       
[ 23]   9.00-10.00  sec  10.0 MBytes  83.9 Mbits/sec   40   79.2 KBytes       
[SUM]   9.00-10.00  sec   118 MBytes   986 Mbits/sec  379             
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   140 MBytes   118 Mbits/sec  1744             sender
[  5]   0.00-10.01  sec   137 MBytes   115 Mbits/sec                  receiver
[  7]   0.00-10.00  sec   146 MBytes   122 Mbits/sec  2354             sender
[  7]   0.00-10.01  sec   142 MBytes   119 Mbits/sec                  receiver
[  9]   0.00-10.00  sec   136 MBytes   114 Mbits/sec  3125             sender
[  9]   0.00-10.01  sec   133 MBytes   112 Mbits/sec                  receiver
[ 11]   0.00-10.00  sec   111 MBytes  92.8 Mbits/sec  1271             sender
[ 11]   0.00-10.01  sec   107 MBytes  89.7 Mbits/sec                  receiver
[ 13]   0.00-10.00  sec   121 MBytes   101 Mbits/sec  2770             sender
[ 13]   0.00-10.01  sec   118 MBytes  98.7 Mbits/sec                  receiver
[ 15]   0.00-10.00  sec   112 MBytes  93.8 Mbits/sec  1777             sender
[ 15]   0.00-10.01  sec   109 MBytes  91.4 Mbits/sec                  receiver
[ 17]   0.00-10.00  sec   120 MBytes   101 Mbits/sec  1463             sender
[ 17]   0.00-10.01  sec   116 MBytes  97.4 Mbits/sec                  receiver
[ 19]   0.00-10.00  sec   110 MBytes  92.3 Mbits/sec  1384             sender
[ 19]   0.00-10.01  sec   107 MBytes  89.3 Mbits/sec                  receiver
[ 21]   0.00-10.00  sec   118 MBytes  99.0 Mbits/sec  1542             sender
[ 21]   0.00-10.01  sec   115 MBytes  96.1 Mbits/sec                  receiver
[ 23]   0.00-10.00  sec   127 MBytes   106 Mbits/sec  1644             sender
[ 23]   0.00-10.01  sec   124 MBytes   104 Mbits/sec                  receiver
[SUM]   0.00-10.00  sec  1.21 GBytes  1.04 Gbits/sec  19074             sender
[SUM]   0.00-10.01  sec  1.18 GBytes  1.01 Gbits/sec                  receiver

iperf Done.

iperf ingress results

ubuntu@instance-20220116-0316:~$ iperf3 -c speedtest.wtnet.de -p 5200 -P 10 -4 -R
Connecting to host speedtest.wtnet.de, port 5200
Reverse mode, remote host speedtest.wtnet.de is sending
[  5] local 10.0.0.130 port 45842 connected to 213.209.106.95 port 5200
[  7] local 10.0.0.130 port 45844 connected to 213.209.106.95 port 5200
[  9] local 10.0.0.130 port 45846 connected to 213.209.106.95 port 5200
[ 11] local 10.0.0.130 port 45848 connected to 213.209.106.95 port 5200
[ 13] local 10.0.0.130 port 45850 connected to 213.209.106.95 port 5200
[ 15] local 10.0.0.130 port 45852 connected to 213.209.106.95 port 5200
[ 17] local 10.0.0.130 port 45854 connected to 213.209.106.95 port 5200
[ 19] local 10.0.0.130 port 45856 connected to 213.209.106.95 port 5200
[ 21] local 10.0.0.130 port 45858 connected to 213.209.106.95 port 5200
[ 23] local 10.0.0.130 port 45860 connected to 213.209.106.95 port 5200
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-1.00   sec   102 MBytes   854 Mbits/sec                  
[  7]   0.00-1.00   sec  17.3 MBytes   145 Mbits/sec                  
[  9]   0.00-1.00   sec  6.38 MBytes  53.5 Mbits/sec                  
[ 11]   0.00-1.00   sec  6.12 MBytes  51.3 Mbits/sec                  
[ 13]   0.00-1.00   sec  6.38 MBytes  53.5 Mbits/sec                  
[ 15]   0.00-1.00   sec  5.84 MBytes  49.0 Mbits/sec                  
[ 17]   0.00-1.00   sec  5.41 MBytes  45.4 Mbits/sec                  
[ 19]   0.00-1.00   sec  6.31 MBytes  52.9 Mbits/sec                  
[ 21]   0.00-1.00   sec  5.82 MBytes  48.8 Mbits/sec                  
[ 23]   0.00-1.00   sec  5.94 MBytes  49.8 Mbits/sec                  
[SUM]   0.00-1.00   sec   167 MBytes  1.40 Gbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   1.00-2.00   sec  14.3 MBytes   120 Mbits/sec                  
[  7]   1.00-2.00   sec  22.1 MBytes   185 Mbits/sec                  
[  9]   1.00-2.00   sec  11.5 MBytes  96.5 Mbits/sec                  
[ 11]   1.00-2.00   sec  9.54 MBytes  80.1 Mbits/sec                  
[ 13]   1.00-2.00   sec  9.46 MBytes  79.3 Mbits/sec                  
[ 15]   1.00-2.00   sec  7.94 MBytes  66.6 Mbits/sec                  
[ 17]   1.00-2.00   sec  7.42 MBytes  62.2 Mbits/sec                  
[ 19]   1.00-2.00   sec  9.59 MBytes  80.4 Mbits/sec                  
[ 21]   1.00-2.00   sec  13.2 MBytes   111 Mbits/sec                  
[ 23]   1.00-2.00   sec  9.74 MBytes  81.8 Mbits/sec                  
[SUM]   1.00-2.00   sec   115 MBytes   963 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   2.00-3.00   sec  8.18 MBytes  68.6 Mbits/sec                  
[  7]   2.00-3.00   sec  11.1 MBytes  92.8 Mbits/sec                  
[  9]   2.00-3.00   sec  14.9 MBytes   125 Mbits/sec                  
[ 11]   2.00-3.00   sec  15.1 MBytes   126 Mbits/sec                  
[ 13]   2.00-3.00   sec  10.8 MBytes  90.9 Mbits/sec                  
[ 15]   2.00-3.00   sec  8.65 MBytes  72.5 Mbits/sec                  
[ 17]   2.00-3.00   sec  10.9 MBytes  91.8 Mbits/sec                  
[ 19]   2.00-3.00   sec  11.5 MBytes  96.1 Mbits/sec                  
[ 21]   2.00-3.00   sec  13.2 MBytes   110 Mbits/sec                  
[ 23]   2.00-3.00   sec  10.5 MBytes  88.3 Mbits/sec                  
[SUM]   2.00-3.00   sec   115 MBytes   963 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   3.00-4.00   sec  12.1 MBytes   102 Mbits/sec                  
[  7]   3.00-4.00   sec  13.2 MBytes   110 Mbits/sec                  
[  9]   3.00-4.00   sec  11.0 MBytes  92.6 Mbits/sec                  
[ 11]   3.00-4.00   sec  13.0 MBytes   109 Mbits/sec                  
[ 13]   3.00-4.00   sec  11.6 MBytes  97.0 Mbits/sec                  
[ 15]   3.00-4.00   sec  10.2 MBytes  85.5 Mbits/sec                  
[ 17]   3.00-4.00   sec  10.4 MBytes  87.5 Mbits/sec                  
[ 19]   3.00-4.00   sec  8.71 MBytes  73.1 Mbits/sec                  
[ 21]   3.00-4.00   sec  14.7 MBytes   124 Mbits/sec                  
[ 23]   3.00-4.00   sec  9.66 MBytes  81.0 Mbits/sec                  
[SUM]   3.00-4.00   sec   115 MBytes   962 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   4.00-5.00   sec  13.8 MBytes   116 Mbits/sec                  
[  7]   4.00-5.00   sec  11.2 MBytes  94.0 Mbits/sec                  
[  9]   4.00-5.00   sec  8.76 MBytes  73.5 Mbits/sec                  
[ 11]   4.00-5.00   sec  11.6 MBytes  97.2 Mbits/sec                  
[ 13]   4.00-5.00   sec  14.9 MBytes   125 Mbits/sec                  
[ 15]   4.00-5.00   sec  9.05 MBytes  75.9 Mbits/sec                  
[ 17]   4.00-5.00   sec  12.4 MBytes   104 Mbits/sec                  
[ 19]   4.00-5.00   sec  9.99 MBytes  83.8 Mbits/sec                  
[ 21]   4.00-5.00   sec  13.8 MBytes   116 Mbits/sec                  
[ 23]   4.00-5.00   sec  10.3 MBytes  86.1 Mbits/sec                  
[SUM]   4.00-5.00   sec   116 MBytes   971 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   5.00-6.00   sec  13.3 MBytes   112 Mbits/sec                  
[  7]   5.00-6.00   sec  10.2 MBytes  85.5 Mbits/sec                  
[  9]   5.00-6.00   sec  12.2 MBytes   102 Mbits/sec                  
[ 11]   5.00-6.00   sec  11.2 MBytes  94.2 Mbits/sec                  
[ 13]   5.00-6.00   sec  16.0 MBytes   134 Mbits/sec                  
[ 15]   5.00-6.00   sec  8.12 MBytes  68.1 Mbits/sec                  
[ 17]   5.00-6.00   sec  10.1 MBytes  84.7 Mbits/sec                  
[ 19]   5.00-6.00   sec  11.7 MBytes  98.3 Mbits/sec                  
[ 21]   5.00-6.00   sec  11.4 MBytes  95.7 Mbits/sec                  
[ 23]   5.00-6.00   sec  10.9 MBytes  91.7 Mbits/sec                  
[SUM]   5.00-6.00   sec   115 MBytes   966 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   6.00-7.00   sec  16.5 MBytes   138 Mbits/sec                  
[  7]   6.00-7.00   sec  15.3 MBytes   128 Mbits/sec                  
[  9]   6.00-7.00   sec  10.8 MBytes  90.9 Mbits/sec                  
[ 11]   6.00-7.00   sec  7.67 MBytes  64.3 Mbits/sec                  
[ 13]   6.00-7.00   sec  8.88 MBytes  74.5 Mbits/sec                  
[ 15]   6.00-7.00   sec  9.65 MBytes  81.0 Mbits/sec                  
[ 17]   6.00-7.00   sec  8.26 MBytes  69.3 Mbits/sec                  
[ 19]   6.00-7.00   sec  12.8 MBytes   107 Mbits/sec                  
[ 21]   6.00-7.00   sec  15.8 MBytes   132 Mbits/sec                  
[ 23]   6.00-7.00   sec  8.70 MBytes  73.0 Mbits/sec                  
[SUM]   6.00-7.00   sec   114 MBytes   958 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   7.00-8.00   sec  8.85 MBytes  74.2 Mbits/sec                  
[  7]   7.00-8.00   sec  18.7 MBytes   157 Mbits/sec                  
[  9]   7.00-8.00   sec  7.53 MBytes  63.1 Mbits/sec                  
[ 11]   7.00-8.00   sec  9.67 MBytes  81.1 Mbits/sec                  
[ 13]   7.00-8.00   sec  5.62 MBytes  47.1 Mbits/sec                  
[ 15]   7.00-8.00   sec  14.6 MBytes   123 Mbits/sec                  
[ 17]   7.00-8.00   sec  10.7 MBytes  90.1 Mbits/sec                  
[ 19]   7.00-8.00   sec  10.6 MBytes  89.2 Mbits/sec                  
[ 21]   7.00-8.00   sec  22.3 MBytes   187 Mbits/sec                  
[ 23]   7.00-8.00   sec  6.36 MBytes  53.4 Mbits/sec                  
[SUM]   7.00-8.00   sec   115 MBytes   966 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   8.00-9.00   sec  13.8 MBytes   115 Mbits/sec                  
[  7]   8.00-9.00   sec  13.3 MBytes   111 Mbits/sec                  
[  9]   8.00-9.00   sec  9.93 MBytes  83.3 Mbits/sec                  
[ 11]   8.00-9.00   sec  13.6 MBytes   114 Mbits/sec                  
[ 13]   8.00-9.00   sec  8.48 MBytes  71.1 Mbits/sec                  
[ 15]   8.00-9.00   sec  13.7 MBytes   115 Mbits/sec                  
[ 17]   8.00-9.00   sec  12.6 MBytes   106 Mbits/sec                  
[ 19]   8.00-9.00   sec  8.90 MBytes  74.6 Mbits/sec                  
[ 21]   8.00-9.00   sec  11.4 MBytes  95.9 Mbits/sec                  
[ 23]   8.00-9.00   sec  10.1 MBytes  85.0 Mbits/sec                  
[SUM]   8.00-9.00   sec   116 MBytes   972 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[  5]   9.00-10.00  sec  15.4 MBytes   130 Mbits/sec                  
[  7]   9.00-10.00  sec  7.63 MBytes  64.0 Mbits/sec                  
[  9]   9.00-10.00  sec  9.52 MBytes  79.8 Mbits/sec                  
[ 11]   9.00-10.00  sec  18.8 MBytes   158 Mbits/sec                  
[ 13]   9.00-10.00  sec  16.5 MBytes   138 Mbits/sec                  
[ 15]   9.00-10.00  sec  8.81 MBytes  73.9 Mbits/sec                  
[ 17]   9.00-10.00  sec  8.84 MBytes  74.1 Mbits/sec                  
[ 19]   9.00-10.00  sec  10.9 MBytes  91.7 Mbits/sec                  
[ 21]   9.00-10.00  sec  7.89 MBytes  66.1 Mbits/sec                  
[ 23]   9.00-10.00  sec  9.79 MBytes  82.0 Mbits/sec                  
[SUM]   9.00-10.00  sec   114 MBytes   957 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.01  sec   221 MBytes   186 Mbits/sec  1160             sender
[  5]   0.00-10.00  sec   218 MBytes   183 Mbits/sec                  receiver
[  7]   0.00-10.01  sec   143 MBytes   119 Mbits/sec  990             sender
[  7]   0.00-10.00  sec   140 MBytes   117 Mbits/sec                  receiver
[  9]   0.00-10.01  sec   106 MBytes  88.5 Mbits/sec  430             sender
[  9]   0.00-10.00  sec   103 MBytes  86.0 Mbits/sec                  receiver
[ 11]   0.00-10.01  sec   120 MBytes   101 Mbits/sec  378             sender
[ 11]   0.00-10.00  sec   116 MBytes  97.6 Mbits/sec                  receiver
[ 13]   0.00-10.01  sec   112 MBytes  93.6 Mbits/sec  555             sender
[ 13]   0.00-10.00  sec   109 MBytes  91.1 Mbits/sec                  receiver
[ 15]   0.00-10.01  sec  99.5 MBytes  83.4 Mbits/sec  470             sender
[ 15]   0.00-10.00  sec  96.6 MBytes  81.1 Mbits/sec                  receiver
[ 17]   0.00-10.01  sec  99.7 MBytes  83.6 Mbits/sec  496             sender
[ 17]   0.00-10.00  sec  97.2 MBytes  81.5 Mbits/sec                  receiver
[ 19]   0.00-10.01  sec   103 MBytes  86.6 Mbits/sec  449             sender
[ 19]   0.00-10.00  sec   101 MBytes  84.7 Mbits/sec                  receiver
[ 21]   0.00-10.01  sec   133 MBytes   111 Mbits/sec  465             sender
[ 21]   0.00-10.00  sec   130 MBytes   109 Mbits/sec                  receiver
[ 23]   0.00-10.01  sec  94.1 MBytes  78.9 Mbits/sec  426             sender
[ 23]   0.00-10.00  sec  92.0 MBytes  77.2 Mbits/sec                  receiver
[SUM]   0.00-10.01  sec  1.20 GBytes  1.03 Gbits/sec  5819             sender
[SUM]   0.00-10.00  sec  1.17 GBytes  1.01 Gbits/sec                  receiver

iperf Done.

Posted by Uli Köhler in Networking

NodeJS MQTT minimal subscribe example with JSON messages

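const mqtt = require('mqtt')
// Placeholder broker URL: insert your own user, password and host.
// Use mqtts:// instead of mqtt:// to encrypt the credentials in transit.
const client = mqtt.connect('mqtt://user:password@mqtt.example.com')

client.on('connect', () => {
  client.subscribe('mytopic');
})

client.on('message', (topic, message) => {
  // message is a Buffer. JSON.parse throws on malformed payloads,
  // so catch the error instead of letting it crash the subscriber.
  try {
    console.log(topic, JSON.parse(message.toString()))
  } catch (err) {
    console.error(`Invalid JSON on ${topic}: ${err.message}`)
  }
})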

If required, you can install the mqtt library using

npm i --save mqtt

 

Posted by Uli Köhler in Javascript, MQTT, NodeJS

NodeJS MQTT minimal subscribe example

Also see: NodeJS MQTT minimal subscribe example with JSON messages

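const mqtt = require('mqtt')
// Placeholder broker URL: insert your own user, password and host.
// Use mqtts:// instead of mqtt:// to encrypt the credentials in transit.
const client = mqtt.connect('mqtt://user:password@mqtt.example.com')

client.on('connect', () => {
  client.subscribe('mytopic');
})

client.on('message', (topic, message) => {
  // message is a Buffer; call message.toString() to get the text payload
  console.log(topic, message)
})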

If required, you can install the mqtt library using

npm i --save mqtt

 

Posted by Uli Köhler in Javascript, MQTT, NodeJS

iperf3 TCP minimal example commands

On the host sending the data:

iperf3 -s

On the host receiving the data:

iperf3 -c [IP address of host sending the data]

for example:

iperf3 -c 192.168.178.22

 

Posted by Uli Köhler in Networking

TPLink WDR3600 OpenWRT wireguard throughput benchmark

TechOverflow tested Wireguard bandwidth / throughput on the TPLink WDR3600 with OpenWRT 21.02, based on a standard iperf3 TCP benchmark. We did not use Pre-shared keys in this setup.

So far we were able to verify that the Wireguard bandwidth is approximately 27Mbit/s (unidirectional), measured using iperf3.

Connecting to host 192.168.239.254, port 5201
[  5] local 10.9.1.104 port 57502 connected to 192.168.239.254 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec  3.48 MBytes  29.2 Mbits/sec    0    215 KBytes       
[  5]   1.00-2.00   sec  3.86 MBytes  32.4 Mbits/sec    0    387 KBytes       
[  5]   2.00-3.00   sec  3.13 MBytes  26.2 Mbits/sec    0    470 KBytes       
[  5]   3.00-4.00   sec  3.37 MBytes  28.3 Mbits/sec    0    470 KBytes       
[  5]   4.00-5.00   sec  3.31 MBytes  27.8 Mbits/sec    0    470 KBytes       
[  5]   5.00-6.00   sec  3.31 MBytes  27.8 Mbits/sec    0    470 KBytes       
[  5]   6.00-7.00   sec  3.31 MBytes  27.8 Mbits/sec    0    470 KBytes       
[  5]   7.00-8.00   sec  2.76 MBytes  23.1 Mbits/sec    0    470 KBytes       
[  5]   8.00-9.00   sec  3.31 MBytes  27.8 Mbits/sec    0    470 KBytes       
[  5]   9.00-10.00  sec  2.76 MBytes  23.1 Mbits/sec    0    470 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  32.6 MBytes  27.4 Mbits/sec    0             sender
[  5]   0.00-10.14  sec  32.0 MBytes  26.4 Mbits/sec                  receiver

During the test, top consistently showed 0% idle CPU load, with the load being approximately 51% sys and 49% sirq.

The commands in use were

iperf3 -s

on the WDR3600 and

iperf3 -c [IP address of WDR3600]

on the client.

Posted by Uli Köhler in Networking, Wireguard

How to fix iperf connect failed: Operation in progress

Problem:

When running iperf -c [IP address] you see this error message:

connect failed: Operation in progress

Solution:

You are running different iperf versions on the server and the client. Typically this error occurs if the client is running iperf 2.x whereas the server is running iperf 3.x.

Check using iperf --version. In my case, on the client, it was

iperf version 2.0.13 (21 Jan 2019) pthreads

on OpenWRT.

Posted by Uli Köhler in Networking

How to install wireguard_watchdog on OpenWRT

Run this on your OpenWRT router to automatically re-resolve DNS names for peers.

/usr/bin/wireguard_watchdog is automatically installed with the standard wireguard package, so you only need to enable it to run every minute:

echo '* * * * * /usr/bin/wireguard_watchdog' >> /etc/crontabs/root

Source: This commit message.

Posted by Uli Köhler in Wireguard

How to install Wireguard on OpenWRT

Install using

opkg update
opkg install luci-proto-wireguard

 

Posted by Uli Köhler in Networking, Wireguard

How to check if WireGuard client/peer is connected?

You can use wg show to check if a client is connected:

interface: Computer
  public key: X6NJW+IznvItD3B5TseUasRPjPzF0PkM5+GaLIjdBG4=
  private key: (hidden)
  listening port: 19628

peer: H3KaL/X94984cLDNWFsM4Hx6Rs/Ku0bW2ECkDUn7wFw=
  endpoint: 10.9.1.108:19628
  allowed ips: 10.217.59.2/32
  latest handshake: 27 seconds ago
  transfer: 13.19 MiB received, 12.70 MiB sent
  persistent keepalive: every 1 minute

Look for this line:

latest handshake: 27 seconds ago

If it’s less than two minutes old, the client is connected.

If the latest handshake line is missing entirely, the peer has never connected successfully!

If in doubt, you can often ping the client to verify. Whether it answers the ping depends on the client configuration and possibly firewall settings, but it never hurts to try.
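
The two-minute rule above can be scripted for monitoring. The following is an added example, not part of the original post: it classifies peers from the machine-readable output of wg show <interface> latest-handshakes. The function names, the placeholder peer keys and the timestamps are constructed for illustration.

```shell
#!/bin/sh
# Classify WireGuard peers by the age of their latest handshake.
# Input (stdin): output of `wg show <interface> latest-handshakes`, i.e. one
# "<public key><TAB><unix timestamp>" line per peer; timestamp 0 = never connected.
# $1 = current unix time, $2 = max age in seconds (default 120 = two minutes)
classify_peers() {
    now=$1
    max_age=${2:-120}
    awk -v now="$now" -v max="$max_age" '
        NF != 2 || $2 !~ /^[0-9]+$/ { next }   # ignore malformed lines
        $2 == 0    { print $1, "never"; next } # no handshake line in `wg show`
        { age = now - $2 }
        age < 0    { print $1, "clock-skew"; next }
        age < max  { print $1, "connected", age "s"; next }
                   { print $1, "stale", age "s" }
    '
}

# Exit status 0 only if every listed peer is "connected" (usable from cron).
all_peers_connected() {
    ! classify_peers "$@" | grep -qv ' connected '
}

# Live usage (needs root and the wg tool), e.g.: check_interface Computer
check_interface() {
    wg show "$1" latest-handshakes | classify_peers "$(date +%s)" "${2:-120}"
}

# Constructed sample input (not real output): the peer key shown above plus two
# placeholder peers, relative to a fixed "now" of 1700000000.
sample_handshakes() {
    printf '%s\t%s\n' \
        'H3KaL/X94984cLDNWFsM4Hx6Rs/Ku0bW2ECkDUn7wFw=' 1699999973 \
        'PLACEHOLDER-PEER-B=' 1699999400 \
        'PLACEHOLDER-PEER-C=' 0
}

sample_handshakes | classify_peers 1700000000
```

A peer reported as stale has connected before but has not completed a handshake within the threshold; never corresponds to a missing latest handshake line in the human-readable wg show output.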

Posted by Uli Köhler in Networking, Wireguard

ESP32 Wireguard example with HTTP access over Wireguard (PlatformIO)

In this example we will use Wireguard-ESP32-Arduino in order to make HTTP requests over Wireguard on the ESP32.

[env:esp32-gateway]
platform = espressif32
board = esp32-gateway
framework = arduino
monitor_speed = 115200
lib_deps =
    ciniml/WireGuard-ESP32@^0.1.5

#include <WiFi.h>
#include <WireGuard-ESP32.h>

// WiFi configuration --- UPDATE this configuration for your WiFi AP
char ssid[] = "MyWifiESSID";
char password[] = "my-wifi-password";

// WireGuard configuration --- UPDATE this configuration from JSON
char private_key[] = "gH2YqDa+St6x5eFhomVQDwtV1F0YMQd3HtOElPkZgVY=";
IPAddress local_ip(10, 217, 59, 2);
char public_key[] = "X6NJW+IznvItD3B5TseUasRPjPzF0PkM5+GaLIjdBG4=";
char endpoint_address[] = "192.168.178.133"; // IP of Wireguard endpoint to connect to.
int endpoint_port = 19628;

static WireGuard wg;

void setup()
{
    Serial.begin(115200);
    Serial.println("Connecting to the AP...");
    WiFi.begin(ssid, password);
    while( !WiFi.isConnected() ) {
        delay(100);
    }
    Serial.println(WiFi.localIP());
    Serial.println("Adjusting system time...");
    configTime(9 * 60 * 60, 0, "ntp.jst.mfeed.ad.jp", "ntp.nict.jp", "time.google.com");

    Serial.println("Connected. Initializing WireGuard...");
    wg.begin(
        local_ip,
        private_key,
        endpoint_address,
        public_key,
        endpoint_port);
}

void loop()
{
    WiFiClient client;

    /**
     * Connect to
     * python3 -m http.server
     */
    if( !client.connect("10.217.59.1", 8000) ) {
        Serial.println("Failed to connect...");
        delay(1000);
        return;
    } else { // Client connected successfully. Send dummy HTTP request.
        client.write("GET /wireguard-test HTTP/1.1\r\n");
        client.write("Host: wireguard.test.com\r\n");
        client.write("\r\n\r\n");
    }

}

Remember to replace 192.168.178.133 (endpoint_address in the code above) by the IP address of the computer your ESP32 should connect to (i.e. the computer running WireGuard). You also need to enter the correct WiFi credentials.

On the computer, deploy this WireGuard config:

[Interface]
# Name = Computer
PrivateKey = ONj6Iefel47uMKtWRCSMLan2UC5eW3Fj9Gsy9bqcyEc=
Address = 10.217.59.1/24
ListenPort = 19628

[Peer]
# Name = ESP32
PublicKey = H3KaL/X94984cLDNWFsM4Hx6Rs/Ku0bW2ECkDUn7wFw=
AllowedIPs = 10.217.59.2/32
PersistentKeepalive = 60

which is auto-generated by the following GuardMyWire config:

{
    "rules": {
        "Node": {
            "connect_to": ["*"],
            "keepalive": 60
        }
    },
    "peers": [
        {
            "name": "Computer",
            "endpoint": "192.168.178.233:19628",
            "addresses": [
                "10.217.59.1/24"
            ],
            "type": "Node",
            "interface_name": "wg0"
        }, {
            "name": "ESP32",
            "addresses": [
                "10.217.59.2/24"
            ],
            "type": "Node",
            "interface_name": "wg0"
        }
    ]
}

Enable this config and start a Python HTTP server to receive the requests using

python3 -m http.server

Now flash the firmware on the ESP32.

Using wg show you should see the ESP connecting:

interface: Computer
  public key: X6NJW+IznvItD3B5TseUasRPjPzF0PkM5+GaLIjdBG4=
  private key: (hidden)
  listening port: 19628

peer: H3KaL/X94984cLDNWFsM4Hx6Rs/Ku0bW2ECkDUn7wFw=
  endpoint: 10.9.1.108:19628
  allowed ips: 10.217.59.2/32
  latest handshake: 5 seconds ago
  transfer: 11.71 MiB received, 10.43 MiB sent
  persistent keepalive: every 1 minute

Look for the

latest handshake: 5 seconds ago

line.

On the shell running python3 -m http.server you should see the dummy HTTP requests:

10.217.59.2 - - [31/Dec/2021 02:36:48] "GET /wireguard-test HTTP/1.1" 404 -
10.217.59.2 - - [31/Dec/2021 02:36:48] code 404, message File not found
10.217.59.2 - - [31/Dec/2021 02:36:48] "GET /wireguard-test HTTP/1.1" 404 -
10.217.59.2 - - [31/Dec/2021 02:36:48] code 404, message File not found
10.217.59.2 - - [31/Dec/2021 02:36:48] "GET /wireguard-test HTTP/1.1" 404 -
10.217.59.2 - - [31/Dec/2021 02:36:48] code 404, message File not found
Posted by Uli Köhler in ESP8266/ESP32, PlatformIO, Wireguard