Mobile sites: Use different default tuning parameters

Links involving mobile peers are best served by somewhat different
tuning parameters.  So make the defaults vary accordingly.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>

diff --git a/README b/README
index 7e40edf..96114f0 100644 (file)
--- a/README
+++ b/README
@@ -281,16 +281,18 @@ site: dict argument
   transform (transform closure): how to mangle packets sent between sites
   dh (dh closure)
   hash (hash closure)
   transform (transform closure): how to mangle packets sent between sites
   dh (dh closure)
   hash (hash closure)

-  key-lifetime (integer): max lifetime of a session key, in ms [one hour]
+  key-lifetime (integer): max lifetime of a session key, in ms
+    [one hour; mobile: 2 days]

   setup-retries (integer): max number of times to transmit a key negotiation
   setup-retries (integer): max number of times to transmit a key negotiation

-    packet [5]
+    packet [5; mobile: 30]

   setup-timeout (integer): time between retransmissions of key negotiation
   setup-timeout (integer): time between retransmissions of key negotiation

-    packets, in ms [2000]
+    packets, in ms [2000; mobile: 1000]

   wait-time (integer): after failed key setup, wait this long (in ms) before
   wait-time (integer): after failed key setup, wait this long (in ms) before

-    allowing another attempt [20000]
+    allowing another attempt [20000; mobile: 10000]

   renegotiate-time (integer): if we see traffic on the link after this time
     then renegotiate another session key immediately (in ms)
   renegotiate-time (integer): if we see traffic on the link after this time
     then renegotiate another session key immediately (in ms)

-    [half key-lifetime, or key-lifetime minus 5 mins, whichever is longer].
+    [half key-lifetime, or key-lifetime minus 5 mins (mobile: 12 hours),
+     whichever is longer].

   keepalive (bool): if True then attempt always to keep a valid session key.
     Not actually currently implemented. [false]
   log-events (string list): types of events to log for this site
   keepalive (bool): if True then attempt always to keep a valid session key.
     Not actually currently implemented. [false]
   log-events (string list): types of events to log for this site


@@ -327,7 +329,14 @@ site: dict argument
     for us have "mobile True" (and if we find a site configuration for
     ourselves in the config, we insist on this).  The effect is to
     check that there are no links both ends of which are allegedly
     for us have "mobile True" (and if we find a site configuration for
     ourselves in the config, we insist on this).  The effect is to
     check that there are no links both ends of which are allegedly

-    mobile (which is not supported, so those links are ignored). [false]
+    mobile (which is not supported, so those links are ignored) and
+    to change some of the tuning parameter defaults. [false]
+
+Links involving mobile peers have some different tuning parameter
+default values, which are generally more aggressive about retrying key
+setup but more relaxed about using old keys.  These are noted with
+"mobile:", above, and apply whether the mobile peer is local or
+remote.

 
 ** transform
 
 
 ** transform
 

diff --git a/site.c b/site.c
index 8be5523..ed9e803 100644 (file)
--- a/site.c
+++ b/site.c
@@ -32,6 +32,13 @@
 #define DEFAULT_SETUP_RETRIES 5
 #define DEFAULT_SETUP_RETRY_INTERVAL             (2*1000) /* [ms] */
 #define DEFAULT_WAIT_TIME                       (20*1000) /* [ms] */
 #define DEFAULT_SETUP_RETRIES 5
 #define DEFAULT_SETUP_RETRY_INTERVAL             (2*1000) /* [ms] */
 #define DEFAULT_WAIT_TIME                       (20*1000) /* [ms] */

+
+#define DEFAULT_MOBILE_KEY_LIFETIME      (2*24*3600*1000) /* [ms] */
+#define DEFAULT_MOBILE_KEY_RENEGOTIATE_GAP (12*3600*1000) /* [ms] */
+#define DEFAULT_MOBILE_SETUP_RETRIES 30
+#define DEFAULT_MOBILE_SETUP_RETRY_INTERVAL      (1*1000) /* [ms] */
+#define DEFAULT_MOBILE_WAIT_TIME                (10*1000) /* [ms] */
+

 #define DEFAULT_MOBILE_PEER_EXPIRY            (2*60)      /* [s] */
 #define DEFAULT_MOBILE_PEERS_MAX 3 /* send at most this many copies (default) */
 
 #define DEFAULT_MOBILE_PEER_EXPIRY            (2*60)      /* [s] */
 #define DEFAULT_MOBILE_PEERS_MAX 3 /* send at most this many copies (default) */
 


@@ -1346,7 +1353,8 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
     st->dh=find_cl_if(dict,"dh",CL_DH,True,"site",loc);
     st->hash=find_cl_if(dict,"hash",CL_HASH,True,"site",loc);
 
     st->dh=find_cl_if(dict,"dh",CL_DH,True,"site",loc);
     st->hash=find_cl_if(dict,"hash",CL_HASH,True,"site",loc);
 

-#define DEFAULT(D) DEFAULT_##D
+#define DEFAULT(D) (st->peer_mobile || local_mobile    \
+                    ? DEFAULT_MOBILE_##D : DEFAULT_##D)

 #define CFG_NUMBER(k,D) dict_read_number(dict,(k),False,"site",loc,DEFAULT(D));
 
     st->key_lifetime=         CFG_NUMBER("key-lifetime",  KEY_LIFETIME);
 #define CFG_NUMBER(k,D) dict_read_number(dict,(k),False,"site",loc,DEFAULT(D));
 
     st->key_lifetime=         CFG_NUMBER("key-lifetime",  KEY_LIFETIME);