Use a different UDP discovery interval if the tunnel is established.

This introduces a new configuration option,
UDPDiscoveryKeepaliveInterval, which is used as the UDP discovery
interval once the UDP tunnel is established. The pre-existing option,
UDPDiscoveryInterval, is therefore only used before UDP connectivity
is established.

The defaults are set so that tinc sends UDP pings more aggressively
if the tunnel is not established yet. This is appropriate since the
size of probes in that scenario is very small (16 bytes).

diff --git a/bash_completion.d/tinc b/bash_completion.d/tinc
index b5784e17f632ca62e4b69f38c82e0b8b0252e7fe..01629afb9f0b614ff663a03fbdf6ff7da271a449 100644 (file)
--- a/bash_completion.d/tinc
+++ b/bash_completion.d/tinc
@@ -4,7 +4,7 @@ _tinc() {
        cur="${COMP_WORDS[COMP_CWORD]}"
        prev="${COMP_WORDS[COMP_CWORD-1]}"
        opts="-c -d -D -K -n -o -L -R -U --config --no-detach --debug --net --option --mlock --logfile --pidfile --chroot --user --help --version"
-       confvars="Address AddressFamily BindToAddress BindToInterface Broadcast BroadcastSubnet Cipher ClampMSS Compression ConnectTo DecrementTTL Device DeviceStandby DeviceType Digest DirectOnly Ed25519PrivateKeyFile Ed25519PublicKey Ed25519PublicKeyFile ExperimentalProtocol Forwarding GraphDumpFile Hostnames IffOneQueue IndirectData Interface KeyExpire ListenAddress LocalDiscovery MACExpire MACLength MaxOutputBufferSize MaxTimeout Mode Name PMTU PMTUDiscovery PingInterval PingTimeout Port PriorityInheritance PrivateKeyFile ProcessPriority Proxy PublicKeyFile ReplayWindow StrictSubnets Subnet TCPOnly TunnelServer UDPDiscovery UDPDiscoveryInterval UDPDiscoveryTimeout UDPRcvBuf UDPSndBuf VDEGroup VDEPort Weight"
+       confvars="Address AddressFamily BindToAddress BindToInterface Broadcast BroadcastSubnet Cipher ClampMSS Compression ConnectTo DecrementTTL Device DeviceStandby DeviceType Digest DirectOnly Ed25519PrivateKeyFile Ed25519PublicKey Ed25519PublicKeyFile ExperimentalProtocol Forwarding GraphDumpFile Hostnames IffOneQueue IndirectData Interface KeyExpire ListenAddress LocalDiscovery MACExpire MACLength MaxOutputBufferSize MaxTimeout Mode Name PMTU PMTUDiscovery PingInterval PingTimeout Port PriorityInheritance PrivateKeyFile ProcessPriority Proxy PublicKeyFile ReplayWindow StrictSubnets Subnet TCPOnly TunnelServer UDPDiscovery UDPDiscoveryKeepaliveInterval UDPDiscoveryInterval UDPDiscoveryTimeout UDPRcvBuf UDPSndBuf VDEGroup VDEPort Weight"
        commands="add connect debug del disconnect dump edit export export-all generate-ed25519-keys generate-keys generate-rsa-keys get help import info init invite join log network pcap pid purge reload restart retry set start stop top version"
 
        case ${prev} in

diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in
index b7a619eea93ec410db3ceef43b534582ec99e474..bc481ead83e01a636f241a3edef2e7120ab9e024 100644 (file)
--- a/doc/tinc.conf.5.in
+++ b/doc/tinc.conf.5.in
@@ -492,8 +492,11 @@ tinc always assumes a node is reachable over UDP.
 Note that tinc will never use UDP with nodes that have
 .Va TCPOnly
 enabled.
-.It Va UDPDiscoveryInterval Li = Ar seconds Pq 9
-The minimum amount of time between sending UDP ping datagrams to test UDP connectivity.
+.It Va UDPDiscoveryKeepaliveInterval Li = Ar seconds Pq 9
+The minimum amount of time between sending UDP ping datagrams to check UDP connectivity once it has been established.
+Note that these pings are large, since they are used to verify link MTU as well.
+.It Va UDPDiscoveryInterval Li = Ar seconds Pq 2
+The minimum amount of time between sending UDP ping datagrams to try to establish UDP connectivity.
 .It Va UDPDiscoveryTimeout Li = Ar seconds Pq 30
 If tinc doesn't receive any UDP ping replies over the specified interval,
 it will assume UDP communication is broken and will fall back to TCP.

diff --git a/doc/tinc.texi b/doc/tinc.texi
index dc797fb71248f20c152be6637ddc48218bb62e9b..427fbeaa0b651243e326b628e48583f99652ba5b 100644 (file)
--- a/doc/tinc.texi
+++ b/doc/tinc.texi
@@ -1239,9 +1239,14 @@ using TCP while it determines if a node is reachable over UDP. If it is disabled
 tinc always assumes a node is reachable over UDP.
 Note that tinc will never use UDP with nodes that have TCPOnly enabled.
 
+@cindex UDPDiscoveryKeepaliveInterval
+@item UDPDiscoveryKeepaliveInterval = <seconds> (9)
+The minimum amount of time between sending UDP ping datagrams to check UDP connectivity once it has been established.
+Note that these pings are large, since they are used to verify link MTU as well.
+
 @cindex UDPDiscoveryInterval
-@item UDPDiscoveryInterval = <seconds> (9)
-The minimum amount of time between sending UDP ping datagrams to test UDP connectivity.
+@item UDPDiscoveryInterval = <seconds> (2)
+The minimum amount of time between sending UDP ping datagrams to try to establish UDP connectivity.
 
 @cindex UDPDiscoveryTimeout
 @item UDPDiscoveryTimeout = <seconds> (30)

diff --git a/src/net.h b/src/net.h
index 49a3e173d6da6028092075996d319775eccfe0f0..660ffc497071758385bb5040182f24e0b09d91b6 100644 (file)
--- a/src/net.h
+++ b/src/net.h
@@ -139,6 +139,7 @@ extern unsigned replaywin;
 extern bool localdiscovery;
 
 extern bool udp_discovery;
+extern int udp_discovery_keepalive_interval;
 extern int udp_discovery_interval;
 extern int udp_discovery_timeout;
 

diff --git a/src/net_packet.c b/src/net_packet.c
index a7ddcdf0191aa47e7c284e093ddf9a7ccaedf20c..1cd03d29fcd66c834e3a38f9c1760c5cf5340a63 100644 (file)
--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -62,7 +62,8 @@ static void send_udppacket(node_t *, vpn_packet_t *);
 unsigned replaywin = 16;
 bool localdiscovery = true;
 bool udp_discovery = true;
-int udp_discovery_interval = 9;
+int udp_discovery_keepalive_interval = 9;
+int udp_discovery_interval = 2;
 int udp_discovery_timeout = 30;
 
 #define MAX_SEQNO 1073741824
@@ -874,7 +875,9 @@ static void try_udp(node_t* n) {
        struct timeval ping_tx_elapsed;
        timersub(&now, &n->udp_ping_sent, &ping_tx_elapsed);
 
-       if(ping_tx_elapsed.tv_sec >= udp_discovery_interval) {
+       int interval = n->status.udp_confirmed ? udp_discovery_keepalive_interval : udp_discovery_interval;
+
+       if(ping_tx_elapsed.tv_sec >= interval) {
                send_udp_probe_packet(n, MAX(n->minmtu, 16));
                n->udp_ping_sent = now;
 

diff --git a/src/net_setup.c b/src/net_setup.c
index 97f3d2a4a9ea8dc6ce7639b4dfe5e557d6f94147..34320d8bccae08c2869246d33dbd3ffdb57614d7 100644 (file)
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -511,6 +511,7 @@ bool setup_myself_reloadable(void) {
                myself->options |= OPTION_INDIRECT;
 
        get_config_bool(lookup_config(config_tree, "UDPDiscovery"), &udp_discovery);
+       get_config_int(lookup_config(config_tree, "UDPDiscoveryKeepaliveInterval"), &udp_discovery_keepalive_interval);
        get_config_int(lookup_config(config_tree, "UDPDiscoveryInterval"), &udp_discovery_interval);
        get_config_int(lookup_config(config_tree, "UDPDiscoveryTimeout"), &udp_discovery_timeout);
 

diff --git a/src/tincctl.c b/src/tincctl.c
index 2e3820355bafe2bafedb30bc758d167f4b2c1f5f..29c57154aad84f5c6a656f51e6575dae2747abfd 100644 (file)
--- a/src/tincctl.c
+++ b/src/tincctl.c
@@ -1365,6 +1365,7 @@ const var_t variables[] = {
        {"StrictSubnets", VAR_SERVER},
        {"TunnelServer", VAR_SERVER},
        {"UDPDiscovery", VAR_SERVER},
+       {"UDPDiscoveryKeepaliveInterval", VAR_SERVER},
        {"UDPDiscoveryInterval", VAR_SERVER},
        {"UDPDiscoveryTimeout", VAR_SERVER},
        {"UDPRcvBuf", VAR_SERVER},