X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_packet.c;h=1cd03d29fcd66c834e3a38f9c1760c5cf5340a63;hb=07108117ceddaff0654f9def703e717c002f3e2d;hp=626114c8a63673e2125ef19d65f14a2acebd86dd;hpb=c1532035e2850dc4ec0eb22a6d51208e3128eb94;p=tinc

diff --git a/src/net_packet.c b/src/net_packet.c
index 626114c8..1cd03d29 100644
--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -37,6 +37,8 @@
 #include "digest.h"
 #include "device.h"
 #include "ethernet.h"
+#include "ipv4.h"
+#include "ipv6.h"
 #include "graph.h"
 #include "logger.h"
 #include "net.h"
@@ -60,7 +62,8 @@ static void send_udppacket(node_t *, vpn_packet_t *);
 unsigned replaywin = 16;
 bool localdiscovery = true;
 bool udp_discovery = true;
-int udp_discovery_interval = 9;
+int udp_discovery_keepalive_interval = 9;
+int udp_discovery_interval = 2;
 int udp_discovery_timeout = 30;
 
 #define MAX_SEQNO 1073741824
@@ -144,7 +147,8 @@ static void udp_probe_h(node_t *n, vpn_packet_t *packet, length_t len) {
 		if(probelen >= n->maxmtu + 1) {
 			logger(DEBUG_TRAFFIC, LOG_INFO, "Increase in PMTU to %s (%s) detected, restarting PMTU discovery", n->name, n->hostname);
 			n->maxmtu = MTU;
-			n->mtuprobes = 0;
+			/* Set mtuprobes to 1 so that try_mtu() doesn't reset maxmtu */
+			n->mtuprobes = 1;
 			return;
 		}
 
@@ -871,7 +875,9 @@ static void try_udp(node_t* n) {
 	struct timeval ping_tx_elapsed;
 	timersub(&now, &n->udp_ping_sent, &ping_tx_elapsed);
 
-	if(ping_tx_elapsed.tv_sec >= udp_discovery_interval) {
+	int interval = n->status.udp_confirmed ? udp_discovery_keepalive_interval : udp_discovery_interval;
+
+	if(ping_tx_elapsed.tv_sec >= interval) {
 		send_udp_probe_packet(n, MAX(n->minmtu, 16));
 		n->udp_ping_sent = now;
 
@@ -883,6 +889,67 @@ static void try_udp(node_t* n) {
 	}
 }
 
+static length_t choose_initial_maxmtu(node_t *n) {
+#ifdef IP_MTU
+
+	int sock = -1;
+
+	const sockaddr_t *sa = NULL;
+	int sockindex;
+	choose_udp_address(n, &sa, &sockindex);
+	if(!sa)
+		return MTU;
+
+	sock = socket(sa->sa.sa_family, SOCK_DGRAM, IPPROTO_UDP);
+	if(sock < 0) {
+		logger(DEBUG_TRAFFIC, LOG_ERR, "Creating MTU assessment socket for %s (%s) failed: %s", n->name, n->hostname, sockstrerror(sockerrno));
+		return MTU;
+	}
+
+	if(connect(sock, &sa->sa, SALEN(sa->sa))) {
+		logger(DEBUG_TRAFFIC, LOG_ERR, "Connecting MTU assessment socket for %s (%s) failed: %s", n->name, n->hostname, sockstrerror(sockerrno));
+		close(sock);
+		return MTU;
+	}
+
+	int ip_mtu;
+	socklen_t ip_mtu_len = sizeof ip_mtu;
+	if(getsockopt(sock, IPPROTO_IP, IP_MTU, &ip_mtu, &ip_mtu_len)) {
+		logger(DEBUG_TRAFFIC, LOG_ERR, "getsockopt(IP_MTU) on %s (%s) failed: %s", n->name, n->hostname, sockstrerror(sockerrno));
+		close(sock);
+		return MTU;
+	}
+
+	close(sock);
+
+	/* getsockopt(IP_MTU) returns the MTU of the physical interface.
+	   We need to remove various overheads to get to the tinc MTU. */
+	length_t mtu = ip_mtu;
+	mtu -= (sa->sa.sa_family == AF_INET6) ? sizeof(struct ip6_hdr) : sizeof(struct ip);
+	mtu -= 8; /* UDP */
+	if(n->status.sptps) {
+		mtu -= SPTPS_DATAGRAM_OVERHEAD;
+		if((n->options >> 24) >= 4)
+			mtu -= sizeof(node_id_t) + sizeof(node_id_t);
+	}
+
+	if (mtu < 512) {
+		logger(DEBUG_TRAFFIC, LOG_ERR, "getsockopt(IP_MTU) on %s (%s) returned absurdly small value: %d", n->name, n->hostname, ip_mtu);
+		return MTU;
+	}
+	if (mtu > MTU)
+		return MTU;
+
+	logger(DEBUG_TRAFFIC, LOG_INFO, "Using system-provided maximum tinc MTU for %s (%s): %hd", n->name, n->hostname, mtu);
+	return mtu;
+
+#else
+
+	return MTU;
+
+#endif
+}
+
 // This function tries to determines the MTU of a node.
 // By calling this function repeatedly, n->minmtu will be progressively increased, and at some point, n->mtu will be fixed to n->minmtu.
 // If the MTU is already fixed, this function checks if it can be increased.
@@ -922,30 +989,46 @@ static void try_mtu(node_t *n) {
 		if(n->maxmtu + 1 < MTU)
 			send_udp_probe_packet(n, n->maxmtu + 1);
 	} else {
-		/* Decreasing the number of probes per cycle might make the algorithm react faster to lost packets,
-		   but it will typically increase convergence time in the no-loss case. */
-		const length_t probes_per_cycle = 8;
-
-		/* This magic value was determined using math simulations.
-		   It will result in a 1329-byte first probe, followed (if there was a reply) by a 1407-byte probe.
-		   Since 1407 is just below the range of tinc MTUs over typical networks,
-		   this fine-tuning allows tinc to cover a lot of ground very quickly. */
-		const float multiplier = 0.97;
-
-		const float cycle_position = probes_per_cycle - (n->mtuprobes % probes_per_cycle) - 1;
-		const length_t minmtu = MAX(n->minmtu, 512);
-		const float interval = n->maxmtu - minmtu;
-
-		/* The core of the discovery algorithm is this exponential.
-		   It produces very large probes early in the cycle, and then it very quickly decreases the probe size.
-		   This reflects the fact that in the most difficult cases, we don't get any feedback for probes that
-		   are too large, and therefore we need to concentrate on small offsets so that we can quickly converge
-		   on the precise MTU as we are approaching it.
-		   The last probe of the cycle is always 1 byte in size - this is to make sure we'll get at least one
-		   reply per cycle so that we can make progress. */
-		const length_t offset = powf(interval, multiplier * cycle_position / (probes_per_cycle - 1));
-
-		send_udp_probe_packet(n, minmtu + offset);
+		/* Before initial discovery begins, set maxmtu to the most likely value.
+		   If it's underestimated, we will correct it after initial discovery. */
+		if(n->mtuprobes == 0)
+			n->maxmtu = choose_initial_maxmtu(n);
+
+		for (;;) {
+			/* Decreasing the number of probes per cycle might make the algorithm react faster to lost packets,
+			   but it will typically increase convergence time in the no-loss case. */
+			const length_t probes_per_cycle = 8;
+
+			/* This magic value was determined using math simulations.
+			   It will result in a 1329-byte first probe, followed (if there was a reply) by a 1407-byte probe.
+			   Since 1407 is just below the range of tinc MTUs over typical networks,
+			   this fine-tuning allows tinc to cover a lot of ground very quickly.
+			   This fine-tuning is only valid for maxmtu = MTU; if maxmtu is smaller,
+			   then it's better to use a multiplier of 1. Indeed, this leads to an interesting scenario
+			   if choose_initial_maxmtu() returns the actual MTU value - it will get confirmed with one single probe. */
+			const float multiplier = (n->maxmtu == MTU) ? 0.97 : 1;
+
+			const float cycle_position = probes_per_cycle - (n->mtuprobes % probes_per_cycle) - 1;
+			const length_t minmtu = MAX(n->minmtu, 512);
+			const float interval = n->maxmtu - minmtu;
+
+			/* The core of the discovery algorithm is this exponential.
+			   It produces very large probes early in the cycle, and then it very quickly decreases the probe size.
+			   This reflects the fact that in the most difficult cases, we don't get any feedback for probes that
+			   are too large, and therefore we need to concentrate on small offsets so that we can quickly converge
+			   on the precise MTU as we are approaching it.
+			   The last probe of the cycle is always 1 byte in size - this is to make sure we'll get at least one
+			   reply per cycle so that we can make progress. */
+			const length_t offset = powf(interval, multiplier * cycle_position / (probes_per_cycle - 1));
+
+			length_t maxmtu = n->maxmtu;
+			send_udp_probe_packet(n, minmtu + offset);
+			/* If maxmtu changed, it means the probe was rejected by the system because it was too large.
+			   In that case, we recalculate with the new maxmtu and try again. */
+			if(n->mtuprobes < 0 || maxmtu == n->maxmtu)
+				break;
+		}
+
 		if(n->mtuprobes >= 0)
 			n->mtuprobes++;
 	}