I’m using OpenSSL’s DTLS implementation to protect communication over a soft 
real time, nearly reliable, out of order higher level protocol.  Our protocol 
needs to function with low latency even in high loss environments (e.g. - up to 
10% loss).

I think I'm running into an issue where the redundancy mechanism in OpenSSL’s 
DTLS handshake is way too slow and unaggressive for our use in the face of 
loss.  I believe the OpenSSL client starts with a 1 second retransmit timer for 
each flight of the handshake that it doubles each time it needs to retransmit a 
flight and none of this is tunable.

I need a way to control the DTLS handshake retransmission mechanism, even if it 
means altering the OpenSSL code directly and compiling against my own fork, so 
that it is tunable and much more aggressive.  Can anyone advise me on the 
particulars of the best way to implement such a change?

The particular timeouts that OpenSSL chose for its DTLS handshake will not be 
suitable for all application needs and I think some other applications that use 
DTLS will also need this capability.  So, such a change might have a place in 
the mainline too.

Cheers!

-----
John Lane Schultz
Spread Concepts LLC
Cell: 443 838 2200

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
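To put a number on the latency cost raised in the message above, here is an added example (not code from the post or from OpenSSL) that computes the expected time one handshake flight spends waiting on retransmit timers at 10% loss. It compares the 1 second doubling schedule the post describes with a hypothetical aggressive one. The caps, retry counts, the 50 ms schedule and the one-datagram-per-flight loss model are all assumptions.

```c
#include <stdio.h>

/* Retransmit policy for one handshake flight (all values are assumptions). */
struct rtx_policy {
    double initial_ms;      /* first timeout */
    double backoff;         /* multiplier applied after each expiry */
    double cap_ms;          /* upper bound on a single timeout */
    int    max_retransmits; /* retransmissions before giving up */
};

/* Schedule as described in the post: 1 s, doubling. Cap and retry count are constructed. */
static const struct rtx_policy post_described = { 1000.0, 2.0, 60000.0, 4 };
/* Hypothetical aggressive schedule for a low-latency link. */
static const struct rtx_policy aggressive = { 50.0, 1.5, 400.0, 8 };

/* Timeout armed after k earlier expiries (k = 0 is the first wait). */
static double timeout_ms(const struct rtx_policy *p, int k)
{
    double t = p->initial_ms;
    for (int i = 0; i < k && t < p->cap_ms; i++)
        t *= p->backoff;
    return t < p->cap_ms ? t : p->cap_ms;
}

/* Expected time spent waiting on retransmit timers for one flight exchange.
 * Model: the flight and its reply are one datagram each, lost independently
 * with probability `loss`; an attempt fails if either is lost. */
static double expected_wait_ms(const struct rtx_policy *p, double loss)
{
    double fail = 1.0 - (1.0 - loss) * (1.0 - loss);
    double all_failed = 1.0, sum = 0.0;
    for (int k = 0; k < p->max_retransmits; k++) {
        all_failed *= fail;               /* attempts 0..k all failed */
        sum += all_failed * timeout_ms(p, k);
    }
    return sum;
}

int main(void)
{
    printf("1 s doubling : %.1f ms expected timer wait per flight\n",
           expected_wait_ms(&post_described, 0.10));
    printf("50 ms x1.5   : %.1f ms expected timer wait per flight\n",
           expected_wait_ms(&aggressive, 0.10));
    return 0;
}
```

An initial timeout below the path round-trip time causes spurious retransmissions, so any aggressive value still has to stay above the measured RTT.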
