Use a different UDP discovery interval if the tunnel is established.

This introduces a new configuration option,
UDPDiscoveryKeepaliveInterval, which is used as the UDP discovery
interval once the UDP tunnel is established. The pre-existing option,
UDPDiscoveryInterval, is therefore only used before UDP connectivity
is established.

The defaults are set so that tinc sends UDP pings more aggressively
if the tunnel is not established yet. This is appropriate since the
size of probes in that scenario is very small (16 bytes).

bash_completion.d/tinc

@@ -4,7 +4,7 @@ _tinc() {
 	cur="${COMP_WORDS[COMP_CWORD]}"
 	prev="${COMP_WORDS[COMP_CWORD-1]}"
 	opts="-c -d -D -K -n -o -L -R -U --config --no-detach --debug --net --option --mlock --logfile --pidfile --chroot --user --help --version"
-	confvars="Address AddressFamily BindToAddress BindToInterface Broadcast BroadcastSubnet Cipher ClampMSS Compression ConnectTo DecrementTTL Device DeviceStandby DeviceType Digest DirectOnly Ed25519PrivateKeyFile Ed25519PublicKey Ed25519PublicKeyFile ExperimentalProtocol Forwarding GraphDumpFile Hostnames IffOneQueue IndirectData Interface KeyExpire ListenAddress LocalDiscovery MACExpire MACLength MaxOutputBufferSize MaxTimeout Mode Name PMTU PMTUDiscovery PingInterval PingTimeout Port PriorityInheritance PrivateKeyFile ProcessPriority Proxy PublicKeyFile ReplayWindow StrictSubnets Subnet TCPOnly TunnelServer UDPDiscovery UDPDiscoveryInterval UDPDiscoveryTimeout UDPRcvBuf UDPSndBuf VDEGroup VDEPort Weight"
+	confvars="Address AddressFamily BindToAddress BindToInterface Broadcast BroadcastSubnet Cipher ClampMSS Compression ConnectTo DecrementTTL Device DeviceStandby DeviceType Digest DirectOnly Ed25519PrivateKeyFile Ed25519PublicKey Ed25519PublicKeyFile ExperimentalProtocol Forwarding GraphDumpFile Hostnames IffOneQueue IndirectData Interface KeyExpire ListenAddress LocalDiscovery MACExpire MACLength MaxOutputBufferSize MaxTimeout Mode Name PMTU PMTUDiscovery PingInterval PingTimeout Port PriorityInheritance PrivateKeyFile ProcessPriority Proxy PublicKeyFile ReplayWindow StrictSubnets Subnet TCPOnly TunnelServer UDPDiscovery UDPDiscoveryKeepaliveInterval UDPDiscoveryInterval UDPDiscoveryTimeout UDPRcvBuf UDPSndBuf VDEGroup VDEPort Weight"
 	commands="add connect debug del disconnect dump edit export export-all generate-ed25519-keys generate-keys generate-rsa-keys get help import info init invite join log network pcap pid purge reload restart retry set start stop top version"
 
 	case ${prev} in

doc/tinc.conf.5.in

@@ -492,8 +492,11 @@ tinc always assumes a node is reachable over UDP.
 Note that tinc will never use UDP with nodes that have
 .Va TCPOnly
 enabled.
-.It Va UDPDiscoveryInterval Li = Ar seconds Pq 9
-The minimum amount of time between sending UDP ping datagrams to test UDP connectivity.
+.It Va UDPDiscoveryKeepaliveInterval Li = Ar seconds Pq 9
+The minimum amount of time between sending UDP ping datagrams to check UDP connectivity once it has been established.
+Note that these pings are large, since they are used to verify link MTU as well.
+.It Va UDPDiscoveryInterval Li = Ar seconds Pq 2
+The minimum amount of time between sending UDP ping datagrams to try to establish UDP connectivity.
 .It Va UDPDiscoveryTimeout Li = Ar seconds Pq 30
 If tinc doesn't receive any UDP ping replies over the specified interval,
 it will assume UDP communication is broken and will fall back to TCP.

doc/tinc.texi

@@ -1239,9 +1239,14 @@ using TCP while it determines if a node is reachable over UDP. If it is disabled
 tinc always assumes a node is reachable over UDP.
 Note that tinc will never use UDP with nodes that have TCPOnly enabled.
 
+@cindex UDPDiscoveryKeepaliveInterval
+@item UDPDiscoveryKeepaliveInterval = <seconds> (9)
+The minimum amount of time between sending UDP ping datagrams to check UDP connectivity once it has been established.
+Note that these pings are large, since they are used to verify link MTU as well.
+
 @cindex UDPDiscoveryInterval
-@item UDPDiscoveryInterval = <seconds> (9)
-The minimum amount of time between sending UDP ping datagrams to test UDP connectivity.
+@item UDPDiscoveryInterval = <seconds> (2)
+The minimum amount of time between sending UDP ping datagrams to try to establish UDP connectivity.
 
 @cindex UDPDiscoveryTimeout
 @item UDPDiscoveryTimeout = <seconds> (30)

src/net.h

@@ -139,6 +139,7 @@ extern unsigned replaywin;
 extern bool localdiscovery;
 
 extern bool udp_discovery;
+extern int udp_discovery_keepalive_interval;
 extern int udp_discovery_interval;
 extern int udp_discovery_timeout;
 

src/net_packet.c

@@ -62,7 +62,8 @@ static void send_udppacket(node_t *, vpn_packet_t *);
 unsigned replaywin = 16;
 bool localdiscovery = true;
 bool udp_discovery = true;
-int udp_discovery_interval = 9;
+int udp_discovery_keepalive_interval = 9;
+int udp_discovery_interval = 2;
 int udp_discovery_timeout = 30;
 
 #define MAX_SEQNO 1073741824
@@ -874,7 +875,9 @@ static void try_udp(node_t* n) {
 	struct timeval ping_tx_elapsed;
 	timersub(&now, &n->udp_ping_sent, &ping_tx_elapsed);
 
-	if(ping_tx_elapsed.tv_sec >= udp_discovery_interval) {
+	int interval = n->status.udp_confirmed ? udp_discovery_keepalive_interval : udp_discovery_interval;
+
+	if(ping_tx_elapsed.tv_sec >= interval) {
 		send_udp_probe_packet(n, MAX(n->minmtu, 16));
 		n->udp_ping_sent = now;
 

src/net_setup.c

@@ -511,6 +511,7 @@ bool setup_myself_reloadable(void) {
 		myself->options |= OPTION_INDIRECT;
 
 	get_config_bool(lookup_config(config_tree, "UDPDiscovery"), &udp_discovery);
+	get_config_int(lookup_config(config_tree, "UDPDiscoveryKeepaliveInterval"), &udp_discovery_keepalive_interval);
 	get_config_int(lookup_config(config_tree, "UDPDiscoveryInterval"), &udp_discovery_interval);
 	get_config_int(lookup_config(config_tree, "UDPDiscoveryTimeout"), &udp_discovery_timeout);
 

src/tincctl.c

@@ -1365,6 +1365,7 @@ const var_t variables[] = {
 	{"StrictSubnets", VAR_SERVER},
 	{"TunnelServer", VAR_SERVER},
 	{"UDPDiscovery", VAR_SERVER},
+	{"UDPDiscoveryKeepaliveInterval", VAR_SERVER},
 	{"UDPDiscoveryInterval", VAR_SERVER},
 	{"UDPDiscoveryTimeout", VAR_SERVER},
 	{"UDPRcvBuf", VAR_SERVER},