Network NetworkSee also: protocol, authentication, encryption and multicast DNS
| Type | Bind option | Availability | Information |
|----------------------|--------------|------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
| TCP | bind-tcp | All | | QUIC | bind-quic | All | | SSL | bind-ssl | All | | SSH | bind-ssh | All | |
WebSocket | bind-ws | All | |
Secure WebSocket | bind-wss | All | |
RFB | bind-rfb | desktop and shadow servers only | Allows VNC clients
to connect | | unix domain socket | bind |
Posix | Local connections or via SSH | |
named-pipe | bind | MS Windows | #1150 | |
vsock | bind-vsock | Linux | host - guest
virtual machines connections - see #983 |
TCP sockets can also be upgraded transparently to
(Secure) WebSocket, SSL,
SSH and RFB, so a single TCP port
can support 6 different protocols automatically.
Unencrypted modes like plain-TCP and
plain-WebSocket can also be secured with AES.
All the sockets that can be accessed via a network connection (all but
vsock and named-pipe) will usually be
published via multicast DNS. On Posix,
unix-domain-sockets are exposed as SSH as we
assume that a local SSH server is always available.
By default, local unix domain sockets (--bind=auto which
is the default) also create abstract sockets,
use --bind=noabstract if needed.
See also: Security Considerations
xpra seamless --start=xterm --bind-tcp=0.0.0.0:10000xpra attach ws://localhost:10000/The same address (10000 here) can also be opened in a browser to use the HTML5 client:
xdg-open http://localhost:10000/echo -n thepassword > password.txt
xpra seamless --start=xterm --bind-ssh=0.0.0.0:10000,auth=file,filename=password.txtxpra attach ssh://localhost:10000/The client will prompt for the password, as found in the
password.txt file and not the regular shell account
password.
Xpra will try to detect your network adapter and connection
characteristics, and it should adapt to changing network capacity and
performance. However, it may not always get it right, and you may need
to turn off bandwidth detection (bandwidth-detection
option) and / or specify your own bandwidth constraints.
(bandwidth-limit option).
The performance of each session will be affected by the network link speed, in particular bufferbloat is known to cause severe performance degradations as xpra is quite sensitive to network jitter and latency, try to eliminate bufferbloat in your network. This is now a solvable problem See A little bump in the wire that makes your Internet faster, bufferbloat faq.
QUIC should offer the lowest latency, though it may need some tuning.
For Linux systems, Queueing in the Linux Network Stack is recommended reading for a deeper understanding.
You can see how much bandwidth is used and how good the picture latency is using the "Graphs" tab of the "Session Info" dialog found in Xpra's own menu:
More network information is available elsewhere in the "Session Info" dialog or via the "xpra info" command.
Tunnels and VPNs can and often do mangle traffic, causing extra
latency and generally making it more difficult to identify issues.
When investigating connection or latency issues, prefer direct
connections that bypass any proxy, VPN, firewall, tunnel, etc Then only
re-add these potential bottlenecks if the direct connection exhibits the
same behaviour.
Also prefer plain TCP connections over their WebSocket / SSL / QUIC
counterparts - comparing different connection types can also provide
useful data points.
Always ensure that there are no major warnings in the server log or
client output, these may already point to the root cause (ie: GPU
contention, encoding or decoding errors, etc).
Running xpra info | grep latency does capture some
important measurements, these differ from network testing tools like
ping because the samples are captured from the application
itself, as it is experienced by the software, and after traversing all
the operating system and library layers that sit between the wire and
the software.
Comparing these values with the more crude values obtained from
ping, tcpping or nmap can already
expose significant sources of latency because the application is much
more sensitive to system load and memory bandwidth than raw wire
data.
xpra info is normally used against a server when no
address is specified, but it can also be used to collect data directly
from a client process. The client does send some of this data to the
server, but more of it is accessible by connecting directly to the
client.
From the output of xpra info:
connection.client.ping_latency this is the application
ping latency as experienced by the client when it pings the serverconnection.server.ping_latency this is the application
ping latency as experienced by the server when it pings the clientdamage.frame-total-latency the average total time it
takes for a screen update to be displayed on the client (to the
backbuffer only - not including vblank or any compositor buffering)damage.client-latency the average frame time without
decoding or displaying itdamage.in_latency the average delay between receiving
screen update notifications from an application and actually processing
themAs for the suffixes:
avg: averagecur: currentmin: minimum value seenmax: maximum value seen90p: 90 percentileping_latency is much higher on the server, this
usually indicates an overloaded serverxpra info does
interfere somewhat with the process being queried, as it creates some
extra contention for resources, which can affect the behaviour of the
application or the data collected or both