[GIT PULL] DTLS establishment timeout increase

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Feb 4 03:41:14 EST 2014


When connecting with my mobile to ocserv, I've noticed that 1 out of 5
connections using DTLS will fail due to timeout. It seems that the
current timeout value (5 secs) is too short to cope with lost packets
(especially when slow processors are involved). The DTLS retransmission
starts from 1 sec delay and doubles on every retransmission attempt, so
with 5 secs timeout and 3 lost packets in a flight (e.g., in a congested
link for these 5 secs), the DTLS channel has very slim chances of being
established.

I've increased that value to 12 secs in
faae9074980b304c0f83d2b07d085e3d8daf36fb, but I don't know whether it
would be better for that to be made configurable.

It is also available from:
git://gitorious.org/openconnect-x/openconnect-x.git privacy-improvements

regards,
Nikos
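
The arithmetic behind the timeout choice in the mail above, as an added example (not code from openconnect, ocserv or the original mail): with a 1-second initial retransmission delay that doubles each time, it computes how many consecutive losses of a flight a given deadline survives and the resulting chance of establishment. The independent per-copy loss probability, the per-flight delay `rtt`, the timer restarting for each flight, and the sample values in `main` are assumptions.

```c
#include <stdio.h>

/* Model assumed for this example (not taken from openconnect or GnuTLS):
 * a flight is sent at t=0, resent after `initial` seconds, then the wait doubles. */

/* Seconds from the first copy of a flight to the copy sent after `losses` losses. */
double delay_after_losses(int losses, double initial)
{
    double t = 0.0, wait = initial;
    for (int i = 0; i < losses; i++, wait *= 2.0)
        t += wait;
    return t;
}

/* Most consecutive losses of one flight that still allow a resend by `deadline`. */
int max_losses_tolerated(double deadline, double initial)
{
    int k = 0;
    while (initial > 0.0 && delay_after_losses(k + 1, initial) <= deadline)
        k++;
    return k;
}

/* Probability that `flights` successive flights all arrive by `deadline`.
 * Assumptions: every copy is lost independently with probability p, each
 * delivered flight costs `rtt` seconds, the timer restarts for each flight. */
double p_established(int flights, double elapsed, double deadline,
                     double initial, double rtt, double p)
{
    if (initial <= 0.0) return 0.0;             /* invalid timer, avoids looping forever */
    if (flights == 0) return 1.0;
    double total = 0.0, p_k = 1.0;              /* p_k = p^k */
    for (int k = 0; ; k++, p_k *= p) {
        double done = elapsed + delay_after_losses(k, initial) + rtt;
        if (done > deadline)
            break;
        total += p_k * (1.0 - p) *
                 p_established(flights - 1, done, deadline, initial, rtt, p);
    }
    return total;
}

int main(void)
{
    const double t[] = { 5.0, 12.0 };           /* old and new timeout from the mail */
    for (int i = 0; i < 2; i++)                 /* 3 flights, 0.3 s, 30% loss: constructed */
        printf("%2.0f s: %d losses tolerated, P(established) = %.3f\n", t[i],
               max_losses_tolerated(t[i], 1.0),
               p_established(3, 0.0, t[i], 1.0, 0.3, 0.3));
    return 0;
}
```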