Fix bugs

- force route construction
- use same entry = exit

Author: dynco-nym

nym-gateway-probe/bla.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+set -e
+
+# curl https://docs-demo.quiknode.pro/ \
+#     -X POST \
+#     -H "Content-Type: application/json" \
+#     --data '{"jsonrpc":"2.0","method":"web3_clientVersion","params":[],"id":1}'
+
+
+cargo run -- \
+    --netstack-download-timeout-sec 60 \
+    --netstack-num-ping 10 \
+    --netstack-send-timeout-sec 3 \
+    --netstack-recv-timeout-sec 3 \
+    --min-gateway-mixnet-performance 0 \
+    run-local --mnemonic "${MAINNET_MNEMONIC}" --only-wireguard 

nym-gateway-probe/src/lib.rs

@@ -128,6 +128,15 @@ impl CredentialArgs {
     }
 }
 
+#[derive(Args)]
+pub struct Socks5Args {
+    #[arg(long, default_value_t = 45)]
+    mixnet_client_timeout_sec: u64,
+
+    #[arg(long, default_value_t = 10)]
+    test_count: u64,
+}
+
 #[derive(Default, Debug)]
 pub enum TestedNode {
     #[default]
@@ -167,6 +176,7 @@ pub struct Probe {
     amnezia_args: String,
     netstack_args: NetstackArgs,
     credentials_args: CredentialArgs,
+    socks5_args: Socks5Args,
 }
 
 impl Probe {
@@ -175,13 +185,15 @@ impl Probe {
         tested_node: TestedNode,
         netstack_args: NetstackArgs,
         credentials_args: CredentialArgs,
+        socks5_args: Socks5Args,
     ) -> Self {
         Self {
             entrypoint,
             tested_node,
             amnezia_args: "".into(),
             netstack_args,
             credentials_args,
+            socks5_args,
         }
     }
     pub fn with_amnezia(&mut self, args: &str) -> &Self {
@@ -197,7 +209,7 @@ impl Probe {
     ) -> anyhow::Result<ProbeResult> {
         let exit_gateway = match gateway_key {
             Some(gateway_key) => NodeIdentity::from_base58_string(gateway_key)?,
-            None => directory.random_exit_with_ipr()?,
+            None => directory.random_exit_with_nr()?,
         };
         info!("Testing SOCKS5 only on exit gateway {}", exit_gateway);
         let node_info = directory
@@ -206,7 +218,15 @@ impl Probe {
 
         let socks5_outcome = {
             if let Some(ref nr_details) = node_info.network_requester_details {
-                match do_socks5_connectivity_test(&nr_details.address, network_details).await {
+                match do_socks5_connectivity_test(
+                    &nr_details.address,
+                    network_details,
+                    directory,
+                    self.socks5_args.mixnet_client_timeout_sec,
+                    self.socks5_args.test_count,
+                )
+                .await
+                {
                     Ok(results) => Some(results),
                     Err(e) => {
                         error!("SOCKS5 test failed: {}", e);
@@ -274,6 +294,7 @@ impl Probe {
             nyxd_url,
             tested_entry,
             only_wireguard,
+            directory,
         )
         .await
     }
@@ -354,6 +375,7 @@ impl Probe {
             nyxd_url,
             tested_entry,
             only_wireguard,
+            directory,
         )
         .await
     }
@@ -410,6 +432,7 @@ impl Probe {
         nyxd_url: Url,
         tested_entry: bool,
         only_wireguard: bool,
+        directory: NymApiDirectory,
     ) -> anyhow::Result<ProbeResult>
     where
         T: MixnetClientStorage + Clone + 'static,
@@ -532,6 +555,9 @@ impl Probe {
                 match do_socks5_connectivity_test(
                     &nr_details.address,
                     NymNetworkDetails::new_from_env(),
+                    directory,
+                    self.socks5_args.mixnet_client_timeout_sec,
+                    self.socks5_args.test_count,
                 )
                 .await
                 {
@@ -849,14 +875,15 @@ async fn do_ping_exit(
     listen_for_icmp_ping_replies(mixnet_client, our_ips).await
 }
 
-const TEST_REPEAT_COUNT: usize = 10;
-
 /// Creates a SOCKS5 proxy connection through the mixnet to the exit GW
 /// and performs necessary tests.
 #[instrument(level = "info", name = "socks5_test", skip_all)]
 async fn do_socks5_connectivity_test(
     network_requester_address: &str,
     network_details: NymNetworkDetails,
+    directory: NymApiDirectory,
+    mixnet_client_timeout: u64,
+    test_run_count: u64,
 ) -> anyhow::Result<Socks5ProbeResults> {
     info!(
         "Starting SOCKS5 test through Network Requester: {}",
@@ -866,7 +893,7 @@ async fn do_socks5_connectivity_test(
     let mut results = Socks5ProbeResults::default();
 
     // parse the network requester address
-    let _nr_recipient = match network_requester_address.parse::<Recipient>() {
+    let nr_recipient = match network_requester_address.parse::<Recipient>() {
         Ok(addr) => addr,
         Err(e) => {
             error!("Invalid Network Requester address: {}", e);
@@ -876,19 +903,58 @@ async fn do_socks5_connectivity_test(
         }
     };
 
+    info!(
+        "Network Requester gateway: {}",
+        nr_recipient.gateway().to_base58_string()
+    );
+    info!(
+        "Network Requester identity: {}",
+        nr_recipient.identity().to_base58_string()
+    );
+
     // create ephemeral SOCKS5 client
     let socks5_config = Socks5::new(network_requester_address.to_string());
 
-    // mainnet
+    // Create debug config similar to main probe
+    let mut debug_config = nym_client_core::config::DebugConfig::default();
+    debug_config
+        .traffic
+        .disable_main_poisson_packet_distribution = true;
+    debug_config.cover_traffic.disable_loop_cover_traffic_stream = true;
+    debug_config.topology.ignore_egress_epoch_role = true;
+    // since we define both entry & exit gateways to be the same tested GW,
+    // this shouldn't negatively affect mixnet layers but it will force route
+    // construction in case GW would get filtered out on topology refresh
+    debug_config.topology.minimum_gateway_performance = 0;
+
+    // Verify the NR gateway exists in the directory with exit_nr role
+    let nr_gateway_id = nr_recipient.gateway();
+    if let Err(e) = directory.exit_gateway_nr(&nr_gateway_id) {
+        results.https_connectivity = HttpsConnectivityResult::with_error(e.to_string());
+        return Ok(results);
+    } else {
+        info!("✔️ Network Requester gateway found in directory with exit_nr role");
+    }
+
+    // use intended exit as entry as well
+    let entry_gateway = nr_gateway_id;
+
     let socks5_client_builder = MixnetClientBuilder::new_ephemeral()
+        // Specify entry gateway explicitly
+        .request_gateway(entry_gateway.to_base58_string())
         .socks5_config(socks5_config)
         .network_details(network_details)
+        .debug_config(debug_config)
         .build()?;
 
     // connect to mixnet via SOCKS5
     let socks5_client = match socks5_client_builder.connect_to_mixnet_via_socks5().await {
         Ok(client) => {
             info!("Successfully established SOCKS5 proxy connection");
+            info!(
+                "Connected via entry gateway: {}",
+                client.nym_address().gateway().to_base58_string()
+            );
             results.can_connect_socks5 = true;
             client
         }
@@ -900,7 +966,10 @@ async fn do_socks5_connectivity_test(
         }
     };
 
-    let test = HttpsConnectivityTest::new(TEST_REPEAT_COUNT);
+    info!("Waiting for network topology to be ready...");
+    tokio::time::sleep(Duration::from_secs(10)).await;
+
+    let test = HttpsConnectivityTest::new(test_run_count, mixnet_client_timeout);
     results.https_connectivity = test.run_tests(socks5_client.socks5_url()).await;
 
     // cleanup

nym-gateway-probe/src/nodes.rs

@@ -202,6 +202,16 @@ impl NymApiDirectory {
             .map(|(id, _)| *id)
     }
 
+    pub fn random_exit_with_nr(&self) -> anyhow::Result<NodeIdentity> {
+        info!("Selecting random gateway with NR enabled");
+        self.nodes
+            .iter()
+            .filter(|(_, n)| n.described.description.ip_packet_router.is_some())
+            .choose(&mut rand::thread_rng())
+            .ok_or(anyhow!("no gateways running NR available"))
+            .map(|(id, _)| *id)
+    }
+
     pub fn random_entry_gateway(&self) -> anyhow::Result<NodeIdentity> {
         info!("Selecting random entry gateway");
         self.nodes
@@ -231,7 +241,7 @@ impl NymApiDirectory {
 
     pub fn exit_gateway_nr(&self, identity: &NodeIdentity) -> anyhow::Result<DirectoryNode> {
         let Some(maybe_entry) = self.nodes.get(identity).cloned() else {
-            bail!("{identity} does not exist")
+            bail!("{identity} not found in directory")
         };
         if !maybe_entry.described.description.declared_role.exit_nr {
             bail!("{identity} doesn't support exit NR mode")

nym-gateway-probe/src/run.rs

@@ -5,7 +5,7 @@ use clap::{Parser, Subcommand};
 use nym_bin_common::bin_info;
 use nym_config::defaults::setup_env;
 use nym_gateway_probe::nodes::NymApiDirectory;
-use nym_gateway_probe::{CredentialArgs, NetstackArgs, ProbeResult, TestedNode};
+use nym_gateway_probe::{CredentialArgs, NetstackArgs, ProbeResult, Socks5Args, TestedNode};
 use nym_sdk::NymNetworkDetails;
 use nym_sdk::mixnet::NodeIdentity;
 use std::path::Path;
@@ -69,6 +69,10 @@ struct CliArgs {
     /// Arguments to manage credentials
     #[command(flatten)]
     credential_args: CredentialArgs,
+
+    /// Arguments to configure socks5 probe
+    #[command(flatten)]
+    socks5_args: Socks5Args,
 }
 
 const DEFAULT_CONFIG_DIR: &str = "/tmp/nym-gateway-probe/config/";
@@ -157,8 +161,13 @@ pub(crate) async fn run() -> anyhow::Result<ProbeResult> {
         (None, _) => TestedNode::SameAsEntry,
     };
 
-    let mut trial =
-        nym_gateway_probe::Probe::new(entry, test_point, args.netstack_args, args.credential_args);
+    let mut trial = nym_gateway_probe::Probe::new(
+        entry,
+        test_point,
+        args.netstack_args,
+        args.credential_args,
+        args.socks5_args,
+    );
     if let Some(awg_args) = args.amnezia_args {
         trial.with_amnezia(&awg_args);
     }

nym-gateway-probe/src/types.rs

@@ -162,19 +162,20 @@ impl HttpsConnectivityResult {
 }
 
 pub struct HttpsConnectivityTest {
-    test_count: usize,
+    test_count: u64,
+    mixnet_client_timeout: Duration,
 }
 
-/// currently we test against this endpoint
+/// endpoint to test against
 /// https://www.quicknode.com/docs/ethereum/web3_clientVersion
 const TARGET_URL: &str = "https://docs-demo.quiknode.pro";
 const POST_BODY: &str = r#"{"jsonrpc":"2.0","method":"web3_clientVersion","params":[],"id":1}"#;
-const MIXNET_TIMEOUT: Duration = Duration::from_secs(60);
 
 impl HttpsConnectivityTest {
-    pub fn new(test_count: usize) -> Self {
+    pub fn new(test_count: u64, mixnet_client_timeout: u64) -> Self {
         Self {
             test_count: std::cmp::max(test_count, 1),
+            mixnet_client_timeout: Duration::from_secs(mixnet_client_timeout),
         }
     }
 
@@ -191,8 +192,7 @@ impl HttpsConnectivityTest {
 
         let client = match reqwest::Client::builder()
             .proxy(proxy)
-            // longer timeout for mixnet
-            .timeout(MIXNET_TIMEOUT)
+            .timeout(self.mixnet_client_timeout)
             .build()
         {
             Ok(c) => c,
@@ -202,9 +202,9 @@ impl HttpsConnectivityTest {
             }
         };
 
-        let mut successful_runs = 0;
-        for i in 0..self.test_count {
-            info!("Running test {}/{}", i + 1, self.test_count);
+        let mut successful_runs = 0u64;
+        for i in 1..self.test_count + 1 {
+            info!("Running test {}/{}", i, self.test_count);
             let interim_res = self.perform_https_request(&client).await;
             if interim_res.https_success
                 && let Some(latency_ms) = interim_res.https_latency_ms
@@ -217,11 +217,17 @@ impl HttpsConnectivityTest {
                 );
                 result.https_success = true;
                 result.https_status_code = interim_res.https_status_code;
-                info!("{}/{} latency: {}ms", i + 1, self.test_count, latency_ms);
+                info!("{}/{} latency: {}ms", i, self.test_count, latency_ms);
             } else if let Some(new_error) = interim_res.error {
-                result.error = result
-                    .error
-                    .map(|existing| format!("{},{}", existing, new_error));
+                result.error = Some(result.error.map_or(new_error.clone(), |existing| {
+                    format!("{},{}", existing, new_error)
+                }))
+            }
+
+            // too many failed runs: return early
+            if successful_runs < 2 && i - successful_runs > 2 {
+                // if < 2 runs, we don't have to calculate average before returning
+                return result;
             }
         }
         result.https_latency_ms = result
@@ -241,7 +247,7 @@ impl HttpsConnectivityTest {
         let mut result = HttpsConnectivityResult::default();
         let start = Instant::now();
         match tokio::time::timeout(
-            MIXNET_TIMEOUT,
+            self.mixnet_client_timeout,
             client
                 .post(TARGET_URL)
                 .header(reqwest::header::CONTENT_TYPE, "application/json")
@@ -271,7 +277,7 @@ impl HttpsConnectivityTest {
             Err(_) => {
                 warn!(
                     "HTTPS request timed out after {}s",
-                    MIXNET_TIMEOUT.as_secs()
+                    self.mixnet_client_timeout.as_secs()
                 );
                 if result.error.is_none() {
                     result.error = Some("HTTPS request timed out".to_string());