mirror of https://github.com/TrustTunnel/TrustTunnel.git synced 2026-04-07 16:57:26 +00:00

Files

Andrey Yakushin ab0e6713bc Pull request 178: Fix sending deferred headers after StreamBlocked

Squashed commit of the following:

commit 7b93fde43d
Author: boommy <a.yakushin>
Date:   Tue Mar 3 17:13:53 2026 +0400

    Make flush do nothing by default

commit 791d1906a5
Author: boommy <a.yakushin>
Date:   Tue Mar 3 17:13:44 2026 +0400

    Do not send deferred headers in write method

commit 03075b729d
Author: boommy <a.yakushin>
Date:   Tue Mar 3 17:10:54 2026 +0400

    Flush at the start of data exchange

commit 13a420a4a7
Author: boommy <a.yakushin>
Date:   Tue Mar 3 17:05:41 2026 +0400

    Consume deferred headers in flush method and utilize WaitingWritable event for it

commit 08ccb5b216
Author: boommy <a.yakushin>
Date:   Tue Mar 3 17:04:15 2026 +0400

    Remove consuming deferred headers from wait_writable

commit fb1305d264
Author: boommy <a.yakushin>
Date:   Tue Mar 3 17:02:12 2026 +0400

    Extend ulimit for bench remote container

2026-03-11 09:48:37 +00:00

local-side

Pull request 160: Handle StreamBlocked error

2026-02-18 06:36:01 +00:00

middle-box

Pull request 88: Rename vpn_endpoint to trusttunnel_endpoint

2025-12-17 18:22:07 +03:00

remote-side

Pull request 125: More reliable bench tests

2026-01-30 18:12:06 +00:00

.gitignore

Pull request 82: Update project name to TrustTunnel

2025-12-15 17:10:10 +03:00

Dockerfile

Pull request 125: More reliable bench tests

2026-01-30 18:12:06 +00:00

README.md

Pull request 125: More reliable bench tests

2026-01-30 18:12:06 +00:00

single_host.sh

Pull request 178: Fix sending deferred headers after StreamBlocked

2026-03-11 09:48:37 +00:00

README.md

Architecture

The benchmark consists of 3 isolated parts:

remote-side - acts as HTTP servers for the benchmark
middle-box - acts as a VPN endpoint host, either WireGuard or TrustTunnel
local-side - acts as a benchmark running host, can establish tunnels to the server residing on the remote side through the VPN endpoint

How to run

Single host

Build docker images
```
cd ./bench
./single_host.sh build --client=<TrustTunnelClient.git> --endpoint=<TrustTunnel.git>
```
This command prepares all the parts to run on the current host. To see the full set of the available options run:
```
./single_host.sh --help
```
Run the benchmark
```
./single_host.sh run
```
This command runs all the parts of the benchmark on the current host.

Separate hosts

Assume IP addresses of host_1, host_2 and host_3 are 1.1.1.1, 2.2.2.2 and 3.3.3.3 respectively.

Running host_1 as a remote side

scp Dockerfile user@1.1.1.1:~
scp -r remote-side user@1.1.1.1:~
ssh user@1.1.1.1
docker build -t bench-common .
docker build -t bench-rs ./remote-side
docker run -d -p 8080:8080 -p 5201:5201 -p 5201:5201/udp bench-rs

Running host_2 as a middle box

scp Dockerfile user@2.2.2.2:~
git clone <TrustTunnel.git> ./middle-box/trusttunnel-rust/trusttunnel-endpoint
scp -r middle-box user@2.2.2.2:~
ssh user@2.2.2.2
docker build -t bench-common .

WireGuard

docker build -t bench-mb-wg ./middle-box/wireguard
docker run -d \
  --cap-add=NET_ADMIN --cap-add=SYS_MODULE --device=/dev/net/tun \
  -p 51820:51820/udp \
  bench-mb-wg

TrustTunnel

docker build \
  --build-arg ENDPOINT_HOSTNAME=endpoint.bench \
  -t bench-mb-ag ./middle-box/trusttunnel-rust/
docker run -d \
  --cap-add=NET_ADMIN --cap-add=SYS_MODULE --device=/dev/net/tun \
  -p 4433:4433 -p 4433:4433/udp \
  bench-mb-ag

Run the benchmark from host_3

scp Dockerfile user@3.3.3.3:~
git clone <TrustTunnel.git> ./local-side/trusttunnel/trusttunnel-endpoint
scp -r local-side user@3.3.3.3:~
ssh user@3.3.3.3
docker build -t bench-common .
docker build -t bench-ls ./local-side

No VPN

./local-side/bench.sh no-vpn bridge 1.1.1.1 results/no-vpn

WireGuard

docker build -t bench-ls-wg ./local-side/wireguard
./local-side/bench.sh wg bridge 1.1.1.1 results/wg 2.2.2.2

TrustTunnel

docker build -t bench-ls-ag ./local-side/trusttunnel
./local-side/bench.sh ag bridge 1.1.1.1 results/ag 2.2.2.2 endpoint.bench