Bug 428569

Summary: VPN connection not work
Product: [Applications] kdeconnect Reporter: micet2004-github
Component: android-applicationAssignee: Albert Vaca Cintora <albertvaka>
Status: CONFIRMED ---    
Severity: normal CC: antheas, KDE, kdebugzilla
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Android   
OS: Android 9.x   
URL: https://f-droid.org/de/packages/org.kde.kdeconnect_tp/
Latest Commit: Version Fixed In:

Description micet2004-github 2020-11-01 16:12:19 UTC
Version: 1.15.0
https://f-droid.org/de/packages/org.kde.kdeconnect_tp/

STEPS TO REPRODUCE
1. Have a Mobile connection (no WLan connection)
2. Start a VPN  (e.g. Wireguard)
3. Try to connect to a computer

OBSERVED RESULT
Conection not work

EXPECTED RESULT
Connection work

SOFTWARE/OS VERSIONS
Android: lineage OS 16
Comment 1 Martin Zboƙil 2020-11-28 15:11:41 UTC
Hello, I am having (almost) same 'issue' with openvpn, but I don't think vpn in question is relevant - what is relevant is network topology effectively disabling local discovery.

android client of kdeconnect seems not using it's list of custom device IPs more than once it is added, if it would have used that list instead of relying solely on local discovery via broadcast, the issue would not have existed.

I would love to use the kdeconnect, but I believe that I need vpn more.
Comment 2 Michal Kec (MiK) 2021-05-22 15:58:27 UTC
I can confirm the bug with OpenVPN and recent Plasma 5.21.

Although I can ping all devices in my LAN, or access TCP ports/services, KDEConnect is unable to discover the devices. 

I event tried to add the IP address of the computer manually, but no luck. https://userbase.kde.org/KDEConnect#Running_KDE_Connect_over_OpenVPN


Operating System: KDE neon 5.21
KDE Plasma Version: 5.21.5
KDE Frameworks Version: 5.82.0
Qt Version: 5.15.2
Kernel Version: 5.8.0-53-generic
OS Type: 64-bit
Graphics Platform: X11
Comment 3 ak 2021-09-19 10:50:08 UTC
Looking over at Wireshark, it appears that the identity UDP packet has grown to be around 1700-1850 bytes, ie a Jumbo Frame.

The reason is that the identity packet lists all of the device's capabilities, which have grown to be a lot. 

When in a local LAN (according to Wireshark) the router/phone fragments the packet into two and sends it correctly to the computer. However, OpenVPN not having this capability sends half of the packet, which gets ignored by the computer.

Perhaps the proper solution would be to rework the protocol to fix the packet size, but that may require modification of all the clients that implement the protocol.

However, there is a botch available.

The default upper limit of UDP packets in most interfaces is 1500 bytes. OpenVPN has a fragment option that would split the identity packet, but it's not supported in Android. Another option is to use the tun-mtu-extra option, which will resize the internal buffer of OpenVPN to be able to accept larger packets, with whatever issue that may cause.

Adding the following two lines in the client/server configs of OpenVPN fixes the issue by allowing the packet through.
tun-mtu sets the max packet size to be 1500 (if it's not already) and tun-mtu-extra allows OpenVPN to accept packets up to 500 bytes larger (so up to 2000).

tun-mtu 1500
tun-mtu-extra 500

It would be nice to edit the KDE Connect readme at least for the time being with the above option.
https://userbase.kde.org/KDEConnect#Running_KDE_Connect_over_OpenVPN

Software:
Phone: KDE Connect 1.17 (also tried 1.13), Android 10, Official OpenVPN client (unofficial also has this issue)
Computer: kdeconnect 21.08.1-1, OpenVPN 2.5.3