Commit 5a09b307 authored by Guillaume Roguez's avatar Guillaume Roguez

reduce UDP payload size to 1232

This patch reduces the maximal payload of all UDP streams to 1232 bytes.
This value is computed from the minimal MTU required by RFC 2460
to support IPv6.
This value ensures that common networks (going to IPv6) support
a packet size large enough to be efficient, yet small enough
not to be fragmented. Fragmentation has a great incidence on packet drop
and reordering; this was validated heuristically.

Change-Id: Icee79bb25b2fdcc70fef3efb4527209f8309be61
Tuleap: #887
parent 053ab26f
...@@ -189,8 +189,8 @@ udp_socket_create(sockaddr_storage* addr, socklen_t* addr_len, int local_port) ...@@ -189,8 +189,8 @@ udp_socket_create(sockaddr_storage* addr, socklen_t* addr_len, int local_port)
return udp_fd; return udp_fd;
} }
// Maximal size allowed for a RTP packet, this value of 1460 bytes is PPoE safe. // Maximal size allowed for a RTP packet, this value of 1232 bytes is an IPv6 minimum (1280 - 40 IPv6 header - 8 UDP header).
static const size_t RTP_BUFFER_SIZE = 1460; static const size_t RTP_BUFFER_SIZE = 1232;
static const size_t SRTP_BUFFER_SIZE = RTP_BUFFER_SIZE - 10; static const size_t SRTP_BUFFER_SIZE = RTP_BUFFER_SIZE - 10;
SocketPair::SocketPair(const char *uri, int localPort) SocketPair::SocketPair(const char *uri, int localPort)
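Review bot: The value 1232 is written as a bare literal in `RTP_BUFFER_SIZE` and again in `DTLS_MTU` in the tls hunk, each with its own copy of the derivation in a comment, so the two can drift apart. A single shared definition, for example `static constexpr size_t IPV6_MIN_UDP_PAYLOAD = 1280 - 40 - 8;`, would keep them in step and make the arithmetic checkable by the compiler. Separately, if `RTP_BUFFER_SIZE` also sizes the receive buffer (its uses are outside this hunk), datagrams from peers that still send up to 1460 bytes would be truncated on read and would then fail SRTP authentication, so the receive capacity may need to stay at the old size while only the send side shrinks. The `- 10` in `SRTP_BUFFER_SIZE` has no comment; it presumably reserves room for the SRTP authentication tag, and that is worth stating next to the constant.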
......
...@@ -40,7 +40,7 @@ namespace ring { namespace tls { ...@@ -40,7 +40,7 @@ namespace ring { namespace tls {
static constexpr const char* TLS_CERT_PRIORITY_STRING {"SECURE192:-VERS-TLS-ALL:+VERS-DTLS-ALL:-RSA:%SERVER_PRECEDENCE:%SAFE_RENEGOTIATION"}; static constexpr const char* TLS_CERT_PRIORITY_STRING {"SECURE192:-VERS-TLS-ALL:+VERS-DTLS-ALL:-RSA:%SERVER_PRECEDENCE:%SAFE_RENEGOTIATION"};
static constexpr const char* TLS_FULL_PRIORITY_STRING {"SECURE192:-KX-ALL:+ANON-ECDH:+ANON-DH:+SECURE192:-VERS-TLS-ALL:+VERS-DTLS-ALL:-RSA:%SERVER_PRECEDENCE:%SAFE_RENEGOTIATION"}; static constexpr const char* TLS_FULL_PRIORITY_STRING {"SECURE192:-KX-ALL:+ANON-ECDH:+ANON-DH:+SECURE192:-VERS-TLS-ALL:+VERS-DTLS-ALL:-RSA:%SERVER_PRECEDENCE:%SAFE_RENEGOTIATION"};
static constexpr int DTLS_MTU {1400}; // limit for networks like ADSL static constexpr int DTLS_MTU {1232}; // (1280 from IPv6 minimum MTU - 40 IPv6 header - 8 UDP header)
static constexpr std::size_t INPUT_MAX_SIZE {1000}; // Maximum packet to store before dropping (pkt size = DTLS_MTU) static constexpr std::size_t INPUT_MAX_SIZE {1000}; // Maximum packet to store before dropping (pkt size = DTLS_MTU)
static constexpr ssize_t FLOOD_THRESHOLD {4*1024}; static constexpr ssize_t FLOOD_THRESHOLD {4*1024};
static constexpr auto FLOOD_PAUSE = std::chrono::milliseconds(100); // Time to wait after an invalid cookie packet (anti flood attack) static constexpr auto FLOOD_PAUSE = std::chrono::milliseconds(100); // Time to wait after an invalid cookie packet (anti flood attack)
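Review bot: The comment on `INPUT_MAX_SIZE` says the stored packet size equals `DTLS_MTU`, so lowering `DTLS_MTU` from 1400 to 1232 appears to shrink what the receive path accepts as well as what is sent. Peers running the previous build may still emit DTLS records of up to 1400 bytes during a handshake; if the read buffer is sized from this constant (not visible in this hunk), those records would be truncated or dropped and the session would fail to establish. Consider a separate receive bound, e.g. `static constexpr std::size_t DTLS_RX_MAX {1400}; // still accept records from peers using the previous MTU`. The `DTLS_MTU` comment could also note that 1232 assumes no IPv6 extension headers or tunnel/relay encapsulation on the path.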
......