WireGuard App on Android allows only one connection simultaneously
Endre Szabo
endre.szabo at wg-ml-rkaofgr.redir.email
Wed Sep 21 08:56:21 UTC 2022
Hi,
On Wed, Sep 21, 2022 at 08:29:17+0000, Simon Rozman wrote:
> Unfortunately, this is a limitation of Android OS supporting only 1 (one) VPN connection at a time.
Just a theoretical thought experiment (I don't know Android arch well, I might be wrong at any of these points):
- AFAIK, having a VPN (VPN app) on an Android involves creating a tun device for that app
- kernel RPDB mumbo-jumbo (Android has set that up) will route (all or app-specific (based on processid?) selected) traffic to that VPN app
- the VPN app will be left with 'the default routing table' free to establish unlimited outbound unencrypted connections
- WG on android is implemented in userspace, in the WG app (using go implementation?)
- Since this app has unlimited/untunneled access via 'the default routing table' it is free to establish more than 1 WG sessions (of course, in-app cryptokey routing and all the usual limitations still apply)
- Current WG app (and especially its widget) will not allow only one VPN session at a time.
Would it be possible to lift this limitation? Or is this limitation of another nature?
--Endre
More information about the WireGuard
mailing list