From 82d2bbb6f611f916e1c20e33b693209df2d82a30 Mon Sep 17 00:00:00 2001 From: cyberta <cyberta@riseup.net> Date: Tue, 2 Feb 2021 16:52:53 -0800 Subject: [PATCH] describing the setup fallback mechanism with flow charts --- .../connection_setup_fallback_strategy.md | 57 +++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/client_specs/connection_setup_fallback_strategy.md b/client_specs/connection_setup_fallback_strategy.md index e69de29..5629cf5 100644 --- a/client_specs/connection_setup_fallback_strategy.md +++ b/client_specs/connection_setup_fallback_strategy.md 
@@ -0,0 +1,57 @@ + +## Generic client behavior + +The client receives a in eip-service.json all valid network protocol / port combinations for each supported transport (openvpn/obfs4) of each gateway. +The client strictly follows these combinations by the scheme below and doesn't use hard-coded combinations of network protocol/port/transport. +If a provider supports the menshen geoip service, the order of gateways the client tries to connect to is determined by the menshen geoip service json. +If a provider doesn't support that service, the order of gateways is determined by the client sided offline timezone calculation (_TODO: add link to timezon calculation here_) + +```mermaid +graph TD; +subgraph Openvpn Setup; + id0([connection setup start])-->id1 + id1{connection attempt nw protocol/port}-->|success| id1.2; + id1-->|failure| id2; + id1.2{Traffic integrety checks}-->|success| idSuccess; + id1.2-->|failure| id2; + id2{Has different nw protocol/port combination?}-->|yes| id1; + id2-->|no| id3; + id3{next openvpn gateway available?}-->|yes, switch gateway| id1 + id3-->|no| id4 + idSuccess([Established well working connection]) + id4{Provider supports PT?}-->|yes| idChangeTransport + id4-->|no| idFailure + idFailure([exit]) + idChangeTransport([Ask user to switch to pluggable transports]) + end +``` + +## Intended flow using recommended network protocol and port combinations + +This is an example showing the recommended flow of network protocol and port combinations. It's the providers reponsibility to serve the right order of network protocol, port combinations for each supported transport of each gateway. 
+ +```mermaid +graph TD; +subgraph Openvpn Setup; + id0{next openvpn gateway available?}-->|yes| id1 + id0-->|no| id4 + id1{UDP 1194}-->|success| id1.2; + id1-->|failure| id2; + id1.2{Traffic integrety checks}-->|success| idSuccess; + id1.2-->|failure| id2; + id2{UDP 53}-->|success| id2.2; + id2-->|failure| id3; + id2.2{Traffic integrety checks}-->|success| idSuccess; + id2.2-->|failure| id3; + id3{TCP 443}-->|success| id3.1; + id3.1{Traffic integrety checks}-->|success| idSuccess; + id3.1-->|failure| id0 + id3-->|failure| id0 + idSuccess([Established well working connection]) + id4{Provider supports PT?}-->|yes| idChangeTransport + id4-->|no| idFailure + idFailure([exit]) + idChangeTransport([Ask user to switch to pluggable transports]) + end + +``` -- GitLab
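Review bot: The "Traffic integrety checks" decision node (id1.2 in the generic chart; id1.2, id2.2 and id3.1 in the recommended-flow chart) is the gate that decides whether a connection counts as established, but the spec never says what the client checks or which outcome is a failure, so two client implementations could apply different acceptance criteria. Add a short paragraph defining the check and its failure condition, and correct the spelling to "integrity" in all four nodes. The gateway-ordering text covers only providers that support menshen and providers that don't; it should also state what the client does when a provider supports menshen and the geoip request itself fails (if the intent is to fall back to the offline timezone calculation, say so explicitly). The first paragraph mentions openvpn and obfs4 combinations, yet both charts only describe the "Openvpn Setup" subgraph and end at "Ask user to switch to pluggable transports", so either add the obfs4 flow or note that it is specified elsewhere. Smaller points: resolve or track the `_TODO: add link to timezon calculation here_` placeholder before merge, drop the stray "a" in "receives a in eip-service.json", and change "providers reponsibility" to "provider's responsibility".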