Contents

• Introduction
• Quick Start
• Setup and Run
• Trouble Shooting Guide

Introduction

Welcome to the 21YB Acceleration Tunnel Integration Guide for Linux. This guide will help you seamlessly integrate the 21YB Acceleration Tunnel into your Linux project. Before you begin, follow the steps below to get started.

Quick Start

1. Obtain a test account from your account manager

To begin the integration process, you’ll need to obtain the test account a yb_uid from your account manager. If you haven’t received these, please contact your account manager to get started.

Setup and Run

2. Install OpenVPN Client

For Ubuntu 22+ or Debian users:

Update package list:

sudo apt update

Install OpenVPN

sudo apt install openvpn

For CentOS users:

Enable EPEL repository:

sudo yum install epel-release

Install OpenVPN

sudo yum install openvpn

Or Generic Linux:

Follow the guidance from https://openvpn.net/community-downloads/ to install OpenVPN client.

If you have successfully install OpenVPN, run:

openvpn --version

You should be able to see something like below:

OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022
library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2021 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_option_checking=no enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no

Note: Currently, 21YB Acceleration Tunnel supports OpenVPN 2.5.5 and above. Ensure you install the proper version to get it all working.

3. Download the configure file on the server

Depending on your business’s needs, you can download the configuration file simply using curl, or download it using your favorite programming languages. For reference, using curl, you can do:

curl -O https://<CLIENT_DEDICATED_DOMAIN>/<DEVICE_ID>

Note: Your configuration files will be hosted on a custom domain and a dedicated server. Contact your account manager if you’re not sure about the CLIENT_DEDICATED_DOMAIN.

To dynamically generate more device IDs, you can check out the APIPOST /u/<yb_uid>/devices in “SMS Auth Services API Documentation”.

Note: One configuration per device principle is applied to better assist in management. So, do not share configurations or keys between your devices (iPhones / Android Phones / Linux servers).

4. Start connection

Once you have a configuration downloaded on your Linux device, you can start the connection by running:

openvpn <DEVICE_ID>

If you connected successfully, you should be able to see something like:

2023-09-21 15:18:40 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-09-21 15:18:40 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022
2023-09-21 15:18:40 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2023-09-21 15:18:40 TCP/UDP: Preserving recently used remote address: [AF_INET]<SOME_IP>:<SOME_PORT>
2023-09-21 15:18:40 UDP link local: (not bound)
2023-09-21 15:18:40 UDP link remote: [AF_INET]<SOME_IP>:<SOME_PORT>
2023-09-21 15:18:40 [<SOME_IP>] Peer Connection Initiated with [AF_INET]<SOME_IP>:<SOME_PORT>
2023-09-21 15:18:41 TUN/TAP device tun0 opened
2023-09-21 15:18:41 net_iface_mtu_set: mtu 1500 for tun0
2023-09-21 15:18:41 net_iface_up: set tun0 up
2023-09-21 15:18:41 net_addr_ptp_v4_add: <SOME_IP> peer <SOME_IP> dev tun0
2023-09-21 15:18:41 Initialization Sequence Completed

Note: IP and Ports are purposely hidden in the above log.

Trouble Shooting Guide

Q1: How do I know if I’m connected to the tunnel?

1. Check your dashboard; you should see your connection with YB_UID shown there.

2. See your IP address, follow the steps below:

Before connecting to the tunnel, follow these steps to verify your connection:

Get your current IP address of the Linux device by running:

curl https://myip.21cloudbox.com

Once you’re connected to the tunnel, perform the following steps to confirm your connection:

1. Check your IP address again by running:

curl https://myip.21cloudbox.com

1. If the connection is successful, your IP address should now reflect our tunnel IP address, not your original one.

Note: Please be aware that the myip.21cloudbox.com server is hosted in China, so if you are developing outside China, you may experience a 1-2 second delay depending on your location.

Q2: I’m encountering difficulties connecting to XYZ APIs or services while connected to the tunnel.

This issue is intentional and stems from the restricted access to certain services and APIs. Here’s what you can do:

1. Review our allowed services and APIs list. If the service you need is not on the list, contact your account manager with a valid reason for accessing it. We will work with you to add the necessary IP addresses for access.

2. For Firebase services, our system continuously updates our IP address database to ensure seamless connectivity. However, if you experience difficulties connecting to Firebase services in China, please reach out to your account manager. Explain the specific Firebase services you are having trouble with, and we will assist you from there.

Note: Access to new APIs or services may take some time due to the need to ensure compliance with Chinese laws. Please be patient during this process.

By following these troubleshooting steps, you can ensure a smoother experience while using our tunnel service. If you have further questions or issues, don’t hesitate to contact our support team. We are here to assist you.

Ready to try 21YunBox?

Get Started