Diagnostic Tool

The Diagnostic Tool is a standalone binary designed to perform various network tests, including DNS, HTTP, and gateway connectivity tests. This tool helps diagnose connectivity issues and provides insights into network performance.

It’s also possible to run it within the daemon with the same CLI interface.

Download Binary

To get nym-diagnostic follow these steps:

1. Download `nym-vpn-core`

Navigate to github.com/nymtech/nym-vpn-client/releases (opens in a new tab)
Find latest nym-vpn-core-<VERSION>
Download version for your system

2. Install or extract and make executable

If you downloaded .deb installer, install it with this command:

sudo dpkg -i <FILE_NAME>

If you downloaded .tar.gz, in terminal you can extract the file with

tar -xvf <FILE_NAME>

Navigate inside the directory and make executable:

cd nym-vpn-core-<VERSION>
chmod +x ./*

CLI Usage

The Diagnostic Tool can be executed from the command line interface (CLI). Below are the usage instructions and options available. Read in the chapter Tests Performed about the purpose and outcome of these commands.

Command Syntax

./nym-diagnostic [command] [options]
./nym-vpnc diagnostic [command] [options]

`run` command arguments

The most useful command is run, here are the options for that command:

-h, --help      Display help information and exit.
--skip-dns      Skip the DNS tests
--skip-http     Skip the HTTP tests
--gateway <ID_KEY>  Run the gateway connectivity test on the given gateway. Skip those tests if not provided
-v, --verbose   Enable verbose output for detailed logging.

`register` command arguments

Command register requires valid credential. Here are the options for that command:

--gateway <ID_KEY>    Register to the given gateway
--storage-path    Path to the directory containing the credentials database. If it is not valid registration will be skipped.
--skip-wireguard  Skip Wireguard tests

Command Examples

Run all tests on a gateway:

./nym-diagnostic run --gateway <ID_KEY>

Run the DNS tests only:

./nym-diagnostic run --skip-http

sudo ./nym-diagnostic register --gateway <ID_KEY> --storage-path /var/lib/nym-vpnd/mainnet 
# sudo is required to read the database

You can also run DNS and HTTP tests from nym-vpnc (installation here):

./nym-vpnc diagnostic run

Tests Performed

The Diagnostic Tool runs the following tests:

1. DNS Test

Purpose: To check the resolution DNS availability.
Process: We try to resolve all the domain names present in a given nym network environment with different DNS configurations
Output: Displays the resolved IP address and the time taken for the resolution.

2. HTTP Test

Purpose: To verify the accessibility of the NymVPN API.
Process: The tool query the health endpoint as well as the nodes/described endpoint.
Output: Displays the response of the health endpoint, the time skew and the number of nodes in the network (sanity check)

3. Gateway Test

Purpose: To check the connectivity to a given gateway.
Process: The tool fetches information about the gateway, then establishes a TCP connection, upgrades it to WS and sends a request
Output: Display the gateway reported information, the status of the connections and the WS response.

4. Registration Test

Purpose: To check the correctness of the registration process.
Process: The tool tries to build a mixnet client to the provided gateway and then tries to register to the entry authenticator
Output: Display the status of the different steps
Caveat: This test requires a credential to be spent, which is why it is available as a separate command only

5. Wireguard Test

Purpose: To check the soundness of a wireguard connection
Process: The tool uses the registration data from the previous step to establish a wireguard connection and ping an IP.
Output: Display the ping RTTs and any error that might have happened

Reports

Reports are logged in a JSON format and also returned by the commands for a future use

Commands Echo Server