From 65faf8dff03b7ed638341b6105b26addae28d641 Mon Sep 17 00:00:00 2001 Message-Id: <65faf8dff03b7ed638341b6105b26addae28d641.1714771621.git.mdw@distorted.org.uk> From: Mark Wooding Date: Wed, 24 Dec 2008 23:29:15 +0000 Subject: [PATCH 1/1] tripe-keys: Add a subcommand to print the correct tunnel MTU. Organization: Straylight/Edgeware From: Mark Wooding This probably isn't the right place for it, but it was easy. The right thing to do is to add path-MTU discovery to the server, but that will get really messy. --- keys/tripe-keys.8.in | 14 ++++++++++++++ keys/tripe-keys.in | 25 +++++++++++++++++++++++++ 2 files changed, 39 insertions(+) diff --git a/keys/tripe-keys.8.in b/keys/tripe-keys.8.in index eb2604b8..ce3c1ec1 100644 --- a/keys/tripe-keys.8.in +++ b/keys/tripe-keys.8.in @@ -55,6 +55,8 @@ tripe-keys \- simple centralized key management for tripe .B "rebuild" .br .B "clean" +.br +.BR "mtu " [ \fIpath-mtu ] . .\"-------------------------------------------------------------------------- .SH "DESCRIPTION" @@ -215,6 +217,18 @@ might have written to a directory. In particular, it deletes and their associated .B .old files. +.TP +.BR "mtu " [ \fIpath-mtu ] +Write, as a decimal number on standard output, the recommended MTU for a +TrIPE tunnel interface, given that the +.I path-mtu +between two peers is as specified. The default is 1500, which is very +commonly correct, but you should check using a tool such as +.BR tracepath (8). +Getting the MTU too big will lead to unnecessary fragmentation of +TrIPE's UDP datagrams; getting it too small will fail to utilize the +underlying network effectively. If in doubt, it's therefore better to +underestimate. . .\"-------------------------------------------------------------------------- .SH "SEE ALSO" diff --git a/keys/tripe-keys.in b/keys/tripe-keys.in index b195342c..b0dbf945 100644 --- a/keys/tripe-keys.in +++ b/keys/tripe-keys.in @@ -473,6 +473,30 @@ def cmd_clean(args): r == 'keyring' or r == 'keyring.pub' or r.startswith('peer-')): zap(i) +###-------------------------------------------------------------------------- +### Commands: mtu + +def cmd_mtu(args): + mtu, = (lambda mtu = '1500': (mtu,))(*args) + mtu = int(mtu) + + blksz = C.gcciphers[conf['cipher']].blksz + + index = conf['mac'].find('/') + if index == -1: + tagsz = C.gcmacs[conf['mac']].tagsz + else: + tagsz = int(conf['mac'][index + 1:])/8 + + mtu -= 20 # Minimum IP header + mtu -= 8 # UDP header + mtu -= 1 # TrIPE packet type octet + mtu -= tagsz # MAC tag + mtu -= 4 # Sequence number + mtu -= blksz # Initialization vector + + print mtu + ###-------------------------------------------------------------------------- ### Main driver. @@ -485,6 +509,7 @@ commands = {'help': (cmd_help, 0, 1, ''), 'upload': (cmd_upload, 0, 0, ''), 'update': (cmd_update, 0, 0, ''), 'clean': (cmd_clean, 0, 0, ''), + 'mtu': (cmd_mtu, 0, 1, '[PATH-MTU]'), 'generate': (cmd_generate, 1, 1, 'TAG'), 'rebuild': (cmd_rebuild, 0, 0, '')} -- [mdw]