keeping UDP "session" alive when using NAT
Sven-Haegar Koch
haegar at sdinet.de
Wed Oct 24 02:50:03 CEST 2012
On Tue, 23 Oct 2012, Nathan Stratton Treadway wrote:
> On Tue, Oct 23, 2012 at 23:15:31 +0200, Guus Sliepen wrote:
> > Which version are you using exactly? Recent versions also send UDP packets at
> > the PingInterval, this is part of the PMTUDiscovery feature which is enabled by
> > default.
>
> Thanks for the pointer; I didn't pick out that option as being related
> to this issue.
>
> Currently both sides of my VPN are fairly old, v1.0.3 on the home side
> and 1.0.8 on the office side. So it seems that both are old enough the
> PMTUDiscovery defaults to "off".
>
> Can you explain how PMTUDiscovery relates to the PingInterval? From the
> description of the PMTUDiscovery option in the man page and manual, I
> got the impression that the MTU would be discovered once as the
> connection came up.... are you saying that it's actually re-discovered
> each PingInterval? Or instead that as part of implementing the
> PMTUDiscovery function you had to implement a "NOP" packet on the data
> connection, and thus after that point you had Tinc send the NOP packet
> on both connections every PingInterval seconds (at least in some
> situations)?
>
> In any case, do you think it would help my situation for me to turn on
> PMTUDiscovery in my config file (given the above-listed versions)?
>From a quick look at the git log I suppose you'll want at least version
1.0.12 for it to work really good.
(PMTUDiscovery has been enabled by default since 1.0.9, with lots of
fixes in 1.0.10 and 1.0.11)
c'ya
sven-haegar
--
Three may keep a secret, if two of them are dead.
- Ben F.
More information about the tinc
mailing list