QuantumGate UDP Protocol

Karel Donk edited this page Jan 12, 2022 · 1 revision

Starting from version 0.3, QuantumGate also supports connecting to peers via the UDP protocol in addition to the TCP protocol. Support for UDP was added based on the modular design for communication gateways, which makes it easy to add further underlying network protocols.

Apart from the existing main handshake that is performed immediately after establishing a TCP/IP connection, a smaller handshake is performed first when establishing a UDP connection. As soon as the smaller UDP handshake is finished, the main handshake procedure is started.

Support for UDP connections in QuantumGate comes with several advantages, which are discussed below.

One more way to confuse traffic analyzers

QuantumGate's UDP connection uses a different protocol through which the main protocol gets tunneled. This adds one more way to fool traffic analyzers in cases where they have identified the main protocol used in TCP connections. In cases where TCP connections are blocked, UDP connections, which have a different traffic signature, can be used instead. Both UDP and TCP connections can also be used simultaneously to add to the confusion.

Support for IP/Network roaming

QuantumGate's UDP protocol supports IP/Network roaming, which allows peers to change IP addresses and networks while staying connected to each other, as long as they don't do so simultaneously. Where a TCP/IP connection breaks whenever one of the two connected peers changes its IP address, for example by switching from one Wi-Fi network to another, UDP connections established by QuantumGate continue working as normal. Consider the following scenarios:

  1. Switching from SIM to wireless (and/or vice versa) is often one of the use cases for mobile devices such as laptops or tablets.
  2. Switching from a wired connection to a wireless connection (and/or vice versa), for example while on the move at the workplace or office.
  3. Switching wireless connections outdoors, for example at a shopping mall while moving from one location's free Wi-Fi hotspot to another.

When the switch happens in the above scenarios, the IP address of the device changes (on the local network and/or publicly on the Internet). In the case of TCP/IP, the connection would break and have to be established again, which can cause all kinds of inconveniences, such as interrupting active downloads or voice and video calls. When using the QuantumGate UDP connection, everything continues working normally as soon as the switch has happened. The connection is automatically put in a suspended state during the switch (when it takes longer than a configurable amount of time to hear back from the peer), and resumed later.

This support for IP/Network roaming can also add to the confusion when it comes to traffic analysis and traffic monitoring.

Support for long-lived connections with interruptions

QuantumGate's ability to suspend and resume UDP connections allows for maintaining long-lived connections that can span days or weeks with interruptions in between. The amount of time for which a UDP connection can be suspended is configurable in QuantumGate. This allows for the following example scenarios:

  1. Putting a computer to sleep at night, waking it up in the morning and continuing to use a connection to a VPN running QuantumGate without having to do a completely new handshake to establish the connection again.
  2. Losing Internet access for many hours due to connectivity issues with an ISP, and resuming established UDP connections as soon as connectivity with the ISP is restored.

This support for long-lived connections can also add to the confusion when it comes to traffic analysis and traffic monitoring.
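
The suspend/resume and roaming behaviour described in the two sections above can be modelled as a small state machine. This is an added example, not QuantumGate's own code: the names `UdpConnModel`, `tick` and `on_datagram`, the timeout values, and the rule that only an authenticated datagram may move the peer endpoint are assumptions of the model.

```cpp
#include <cstdint>
#include <string>
#include <utility>

// Simplified model of a roaming-capable UDP connection (illustration only).
// All names and timeout semantics here are assumptions, not QuantumGate's API.
enum class State { Connected, Suspended, Closed };

struct UdpConnModel {
    State state = State::Connected;
    std::string peer_endpoint;   // last address the peer was heard from
    uint64_t last_heard = 0;     // time of last accepted datagram, in seconds
    uint64_t suspend_after;      // silence tolerated before suspending
    uint64_t max_suspend;        // longest time a connection may stay suspended

    UdpConnModel(std::string ep, uint64_t suspend_after_s, uint64_t max_suspend_s)
        : peer_endpoint(std::move(ep)),
          suspend_after(suspend_after_s),
          max_suspend(max_suspend_s) {}

    // Periodic timer: silence suspends the connection, and a suspension
    // that outlasts the configured maximum closes it for good.
    void tick(uint64_t now) {
        if (state == State::Closed) return;
        const uint64_t silent = now - last_heard;
        if (silent > suspend_after + max_suspend) state = State::Closed;
        else if (silent > suspend_after) state = State::Suspended;
    }

    // A datagram arrived from address `from`. In this model only a datagram
    // that passed the connection's integrity/authentication check may resume
    // the connection or change the endpoint; otherwise a spoofed source
    // address could redirect the traffic (assumption of the model).
    bool on_datagram(uint64_t now, const std::string& from, bool authenticated) {
        if (state == State::Closed || !authenticated) return false;
        peer_endpoint = from;    // roaming: follow the peer to its new address
        last_heard = now;
        state = State::Connected;
        return true;
    }
};
```

In this model, if both peers change address at the same moment, each keeps sending to the other's old endpoint, `on_datagram` is never reached on either side, and both connections stay suspended until `max_suspend` closes them.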
