Raking8518 0 Posted ...

From the AirVpn Generator I configured as follows:

OS: Router -> protocol: WireGuard -> By continents (recommended): Europe -> Generate

I use Wireguard via my OpenWrt router. According to my understanding, once the Wireguard interface from my router first connects, a server from Europe is chosen that doesn't have too much load. However, afterwards the server isn't changed anymore. It stays there until either the router or the interface is restarted.

My question is whether /usr/bin/wireguard_watchdog is the solution. I changed the script so that it re-resolves the endpoint hostname every time. I run the script every 15 mins. So this way, when the server becomes too loaded, a different server should be resolved to, right?

Custom script based on wireguard_watchdog:

```sh
#!/bin/sh
# SPDX-License-Identifier: GPL-2.0
#
# Copyright (C) 2018 Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>.
# Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
#
# This watchdog script tries to re-resolve hostnames for inactive WireGuard peers.
# Use it for peers with a frequently changing dynamic IP.
# persistent_keepalive must be set, recommended value is 25 seconds.
#
# Run this script from cron every 15th minute:
# echo '*/15 * * * * /usr/bin/wireguard_watchdog_custom' >> /etc/crontabs/root

. /lib/functions.sh

check_peer_activity() {
  local cfg=$1
  local iface=$2
  local disabled
  local public_key
  local endpoint_host
  local endpoint_port
  local persistent_keepalive

  config_get_bool disabled "${cfg}" "disabled" 0
  config_get public_key "${cfg}" "public_key"
  config_get endpoint_host "${cfg}" "endpoint_host"
  config_get endpoint_port "${cfg}" "endpoint_port"

  if [ "${disabled}" -eq 1 ]; then
    # skip disabled peers
    return 0
  fi

  persistent_keepalive=$(wg show "${iface}" persistent-keepalive | grep -F "${public_key}" | awk '{print $2}')

  # only process peers with endpoints and keepalive set
  [ -z "${endpoint_host}" ] && return 0;
  [ -z "${persistent_keepalive}" -o "${persistent_keepalive}" = "off" ] && return 0;

  # skip IP addresses
  # check taken from packages/net/ddns-scripts/files/dynamic_dns_functions.sh
  local IPV4_REGEX="[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}"
  local IPV6_REGEX="\(\([0-9A-Fa-f]\{1,4\}:\)\{1,\}\)\(\([0-9A-Fa-f]\{1,4\}\)\{0,1\}\)\(\(:[0-9A-Fa-f]\{1,4\}\)\{1,\}\)"
  local IPV4=$(echo "${endpoint_host}" | grep -m 1 -o "$IPV4_REGEX$")  # do not detect ip in 0.0.0.0.example.com
  local IPV6=$(echo "${endpoint_host}" | grep -m 1 -o "$IPV6_REGEX")
  [ -n "${IPV4}" -o -n "${IPV6}" ] && return 0;

  # re-resolve endpoint hostname on every run (no idle-time check in this custom version)
  logger -t "wireguard_monitor" "trying to re-resolve hostname: wg set ${iface} peer ${public_key} endpoint ${endpoint_host}:${endpoint_port}"
  echo "wireguard_monitor: trying to re-resolve hostname: wg set ${iface} peer ${public_key} endpoint ${endpoint_host}:${endpoint_port}"
  wg set "${iface}" peer "${public_key}" endpoint "${endpoint_host}:${endpoint_port}"
}

# query ubus for all active wireguard interfaces
wg_ifaces=$(ubus -S call network.interface dump | jsonfilter -e '@.interface[@.up=true]' | jsonfilter -a -e '@[@.proto="wireguard"].interface' | tr "\n" " ")

# check every peer in every active wireguard interface
config_load network
for iface in $wg_ifaces; do
  config_foreach check_peer_activity "wireguard_${iface}" "${iface}"
done
```
Raking8518 0 Posted ...

Running this:

```sh
wg set AirVpn peer (public peer key)= endpoint europe3.vpn.airdns.org:1637
```

Works a couple of times, but then, after a while DNS stops working. Can't resolve any domain names. Not sure why that could be?
benfitita 39 Posted ...

Idea is ok. I'm wondering if you notice any slowdowns or interruptions during the switch with voice/audio calls.

When it comes to performance, I'd also consider not using the whole Europe. You might have slower performance with some locations due to higher latency because of distance or unfortunate peering setups.
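
A more conservative variant of the re-resolve step discussed in this thread, as an added example that is not code from any poster or from OpenWrt: it resolves the hostname first and only calls `wg set` when the lookup succeeded and the current endpoint address is no longer among the answers, so a failed lookup or an unchanged answer leaves the running tunnel untouched. The function names (`endpoint_ip`, `decide`, `reresolve`) are hypothetical, the sample key and addresses are constructed, and the live wrapper assumes the OpenWrt `resolveip` package is installed.

```sh
#!/bin/sh
# Added example (not from the thread): switch a WireGuard peer's endpoint only
# when a fresh DNS lookup succeeded and no longer offers the current address.

# Constructed sample in the tab-separated format of `wg show IFACE endpoints`;
# the key is a placeholder and the addresses are documentation ranges.
SAMPLE_KEY='PLACEHOLDER_PUBLIC_KEY='
SAMPLE_ENDPOINTS=$(printf '%s\t%s' "$SAMPLE_KEY" '192.0.2.10:1637')

# endpoint_ip <endpoints output> <public_key>
# Prints the peer's current endpoint address without port or IPv6 brackets.
endpoint_ip() {
  printf '%s\n' "$1" | awk -F'\t' -v key="$2" '$1 == key {
    ep = $2
    sub(/:[0-9]+$/, "", ep)
    gsub(/^\[|\]$/, "", ep)
    print ep
  }'
}

# decide <current_ip> <resolved addresses, whitespace separated>
# Prints "keep" or "switch <ip>".
decide() {
  local cur="$1"
  set -- $2                       # split the resolver output into words
  if [ $# -eq 0 ]; then           # lookup failed: leave the tunnel alone
    echo keep; return 0
  fi
  for ip in "$@"; do              # current server is still being offered
    if [ "$ip" = "$cur" ]; then echo keep; return 0; fi
  done
  echo "switch $1"
}

# reresolve <iface> <public_key> <host> <port>: live wrapper for the router.
# Assumption: the OpenWrt resolveip package is installed.
reresolve() {
  local current resolved verdict
  current=$(endpoint_ip "$(wg show "$1" endpoints)" "$2")
  resolved=$(resolveip -4 -t 5 "$3" 2>/dev/null)
  verdict=$(decide "$current" "$resolved")
  logger -t wireguard_monitor "$3: current=${current} verdict=${verdict}"
  case "$verdict" in
    switch\ *) wg set "$1" peer "$2" endpoint "${verdict#switch }:$4" ;;
  esac
}
```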