Who needs BGP when you got Route Bender 4000
JUST BEND YOUR WAY DoWN YOUr DESTINY
Addon for: https://github.com/Ne00n/pipe-builder-3000/
https://github.com/Ne00n/wg-mesh
Why
Getting lower latency while gaming online
Setup
Wireguard as transport network + entry point
Features
- Automatic Latency optimization
Just game seriously - Cutting Edge Latency detection
In case a IP does not like to ping, it will MTR it, ask plugins and plus some other stuff - Cutting Edge rebending on idle connections
If a connection is idle, it will be rebended after x hours to offer the lowest latency - Rebending Protection on active connections
If a connection cannot be optimized currently, it will be ignored until idle - Packetloss bending protection
Won't bend if Packetloss is detected over a specific route - Pray & Disconnect if exit dies
If any exit dies, all routes will be removed once detected - Automatic housekeeping If a optimized connection has not been used for a bit, it will be removed
For Debian/Ubuntu.
apt-get install -y pmacct git libsystemd-dev python3 python3-pip && pip3 install pyasn systemd-python netaddr pyasn
git clone https://github.com/Ne00n/route-bender-4000.git
cd route-bender-4000
#Optional, Download the current asn database file
rm asn.dat && pyasn_util_download.py --latestv4 && pyasn_util_convert.py --single rib.202* asn.dat
#Create a new routing table
echo '333 BENDER' >> /etc/iproute2/rt_tables
#Move config files
cp config/pmacctd.conf /etc/pmacct/
cp config/nodes.example.json config/nodes.json
cp config/config.example.json config/config.json
#Enable NAT for vxlan and the default interface
ip6tables -t nat -A POSTROUTING -o vxlan1v6 -j MASQUERADE
iptables -t nat -A POSTROUTING -o vxlan1 -j MASQUERADE
iptables -t nat -A POSTROUTING -o $(ip route show default | awk '/default/ {{print $5}}' | tail -1) -j MASQUERADE
ip6tables -t nat -A POSTROUTING -o $(ip -6 route show default | awk '/default/ {{print $5}}' | tail -1) -j MASQUERADE
You can configure config/config.json based on your needs but you don't have to.
However, you have to edit config/nodes.json to add the Nodes you wish to be used for optimization.
For example, a Node has the IP 10.0.1.1, which for the VXLAN would be 10.0.251.1, for source based routing its 10.0.252.1
So for this node you add 10.0.252.1 to nodes.json.
Make sure your wg-mesh/pipe-builder network is running and you can reach the Nodes before you continue.
You can either run the route-bender manually, which I guess you don't wanna do but you still could, as mentioned in Usage.
Or you can run it either as a deamon or via pmacctd.
Basically pmacctd starts the route-bender.
The better option is, to just run it as a service / deamon with systemd.
pmacctd
If you wanna run route-bender with pmacctd just leave it as is, by default pmacctd starts route-bender.
You just have to enable pmacctd.
systemctl enable pmacctd && systemct start pmacctd
The default interface pmacctd listens on is called server, make sure to use that, you can edit it though.
deamon
If you wanna use route-bender as a service / deamon, you have to edit the pmacctd config file.
You have to remove the last line.
print_trigger_exec[print]: /root/route-bender-4000/bender.py
And restart pmacctd.
systemct restart pmacctd
Copy the systemd service file and start the service.
cp config/bender.service /etc/systemd/system/
systemctl enable bender
systemctl start bender
Connecting
In my use case, I game on a Windows machine and connect via wireguard to my Raspberry PI.
So I can toggle the optimization on and off.
You can run the route-bender locally or on a VPS and connect to it.
The route-bender does NOT run on Windows, you need a linux machine in-between.
By running the route-bender local, you selectively only optimize traffic where it makes sense, aka reducing latency.
Otherwise you may end up, increasing your latency in general by forcing all traffic via that VPN.
Every ms counts.
When you setup the wireguard connection on your server, make sure the interface is called "server".
So its picked up by pmacctd.
Usage
python3 bender.py
python3 bender.py deamon
python3 bender.py debug 1.1.1.1
python3 bender.py optimize 1.1.1.1 53
python3 bender.py level debug / info (default) / warning
python3 bender.py show
python3 bender.py clear
pmacct will execute bender.py every 60s, but you can still do it manually
Reset everything
systemctl stop pmacctd
rm data/history.json && rm data/loadBalancing.json
python3 bender.py clear
systemctl start pmacctd
Update asn data
pyasn_util_download.py --latestv46 && pyasn_util_convert.py --single rib.202* asn.dat
#or IPv4 only
pyasn_util_download.py --latestv4 && pyasn_util_convert.py --single rib.202* asn.dat
Debugging
By default the logging runs on INFO and is getting saved to bender.log
You can switch it to debug by supplying the parameter: bender.py level debug
If you use functions such as optimize, debug, show, stats, clear... these are not logged, only printed, since they are intended for manual use.
Settings
ignore, if you wanna ignore an entire ASN, e.g Vivox
By default, all ports will be monitored, to ignore ports, add them to ignorePorts
If you want to skip that for specific ASN's then set ports = false e.g Fastly
By default every subnet will be associated with the closest server. If loadBalancing is set to False,
the first IP that does a connection to that ASN will determine the server for the entire ASN
If the latency improvement is below 2ms or none, you can force bending by setting force to True
You can define the size of the subnet that will be used to route dyn, /24 (default) or /32,
dyn uses the actual subnet size from the routing table, this could result in issues when used for example with Microsoft or Google.
Since they route the entire subnet, e.g /10 internally.
You can enable multi if the primary IP is not pingable it tries to figure out the gateway.
This works for fine for some Networks like AWS but can cause problems with others like Google.
Blacklist/Whitelist can be used to ignore/allow certain nodes for a specific ASN.
lazy is by default enabled, it will not initially optimize active connections.
config.json examples
#Fastly CDN (Reddit...)
"54113" :{"ignore":false,"ports":false,"loadBalancing":true,"force":true,"route":"dyn"}
#Google (Youtube...)
"15169":{"ignore":false,"ports":true,"loadBalancing":true,"route":"/24"}
#Vivox (Voice communications, Valorant, Siege, Overwatch)
"393218":{"ignore":true,"ports":true,"loadBalancing":true,"route":"/24"}
You can also define ASN groups
"32163,55497,57976,40551":{"name":"blizzard","ignore":false,"ports":true,"loadBalancing":true,"route":"dyn"}