Skip to content
Commit 84672d5e authored by lucaslin's avatar lucaslin Committed by Lucas Lin
Browse files

Dynamically calculate IKEv2/IPsec VPN MTU 

This change calculates the maximum possible MTU based on the underlying
network and proposed algorithms. If MTU drops below 1280, IPv6 is
disabled, per RFC2460.

In order to ensure that apps with UDP sockets on an IPv6 network are
reset when the IPv6 addresses/routes are removed, the network is
restarted (disconnected/reconnected) when the MTU first drops below
1280. If the VPN only supports IPv6, a VpnManager event is sent to the
provisioning app, and considered failed.

MTUs will only ever be lowered from the MTU provided by the provisioning
application, exclusively improving compatibility if the calculated MTU
is lower than the app-specified MTU. Similarly, MTUs of underlying
networks are gathered on a best-effort basis, using LinkProperties, or
actual Linux interface MTU if not populated in LinkProperties.

For stability & backwards compatibility, this change is ONLY applied for
IKEv2 VPNs.

Bug: 245612827
Test: atest FrameworksNetTests:VpnTest
      Manual test:
      - Test if IPv6 will be disabled when VPN's MTU is lower
        than 1280
      - Test if IPv6 only VPN will be restarted when its MTU
        is lower than 1280
Change-Id: Ic97c16f12229c5377923b031497190082319d035
parent 88749cfd
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment