use udp when possible
I think it's quite simple to add UDP support again: it's just a matter of parsing each remote, and add the udp version first in the remotes list.
--remote 212.83.143.67 443 udp --remote 212.83.143.67 443 tcp \
--remote 212.83.144.12 443 udp --remote 212.83.144.12 443 tcp \
there's only one problem though, and it's called bitmask-root: we have to route DNS to a different gateway for each. we can watch management to know where we're connecting:
Wed Apr 7 18:14:38 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]212.83.143.67:443
Wed Apr 7 18:14:38 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Apr 7 18:14:38 2021 UDP link remote: [AF_INET]212.83.143.67:443
with verbosity level 3, we get the PUSH option from the server, that we can also use to inject the DNS redirect dynamically:
PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.42.0.1
maybe we can just do the UDP gateway and implement a call in bitmask-root for changing it if we observe that we did a fallback to TCP. equivalent changes need to be done in the pf firewall.
By the way, unrelated but I wonder if the "preserving recently used remote address" will not interfere with manual gateway selection...