the route poker as is, currently is a linux only thing and it's kind of hacky. we end up having to periodically probe the routing table to figure out if we need to modify it. this was done because i wanted to make it work and all i had to reference was openvpn. the way it is done now also does not allow us to do selective routing, which is something users have been asking for (i want it too).
ideally i want to remove the route poker and delegate the responsibility of route management to the system layer using nftables. i can see 2 primary modes of operation:
- (opt out) any user not belonging to a group `_lokinet-direct` would be forced to route traffic over the `lokitun0` interface.
- (opt in) any user in the `_lokinet-tunnel` group will always use the `lokitun0` interface for traffic.
this means future route management would not be done by lokinet process on linux. this would also make the route management code on every other platform much simpler as they all offload this to the system layer already.
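A sketch of how the "opt out" mode described above could be expressed in nftables plus policy routing. This is an added example, not lokinet's own configuration or part of the original post. The fwmark `0x10c` and routing table number `4242` are arbitrary values assumed here, and the daemon is assumed to run with `_lokinet-direct` as its effective group so its own packets are not looped back into the tunnel.

```nftables
#!/usr/sbin/nft -f
# Added illustration of the opt-out mode; not taken from the lokinet project.
# Assumed values: fwmark 0x10c, routing table 4242 (pick any unused ones).
#
# Policy routing that consumes the mark (run once as root, shown as comments):
#   ip rule  add fwmark 0x10c lookup 4242
#   ip route add default dev lokitun0 table 4242
#   ip -6 rule  add fwmark 0x10c lookup 4242
#   ip -6 route add default dev lokitun0 table 4242

table inet lokinet_route {
    chain output {
        # A "route" type chain on the output hook makes the kernel redo the
        # route lookup when the packet mark changes.
        type route hook output priority mangle; policy accept;

        # Leave loopback traffic and packets already headed into the tunnel alone.
        oifname "lo" accept
        oifname "lokitun0" accept

        # Opt out: sockets owned by the _lokinet-direct group keep the main table.
        # Caveat: skgid is the gid of the process that created the socket
        # (its effective group), not its supplementary groups, so a process has
        # to run under the group (e.g. via sg or a systemd Group= setting)
        # rather than its user merely being listed as a member.
        # The group must exist when the ruleset is loaded.
        meta skgid "_lokinet-direct" accept

        # Everything else is marked and therefore routed via table 4242.
        meta mark set 0x10c
    }
}
```

The opt-in mode is the same chain with the last two rules replaced by a single `meta skgid "_lokinet-tunnel" meta mark set 0x10c`. Local-network destinations are not exempted in this sketch and would need their own `accept` rules.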