From 10bb9919f15a7777905f3d43ca01325a229203c7 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 10 Feb 2016 09:32:42 -0800
Subject: Tweak certificate of membership revision/time tolerance to eliminate
 boundary packet loss issues occasionally seen in the wild.

---
 node/CertificateOfMembership.hpp | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'node')

diff --git a/node/CertificateOfMembership.hpp b/node/CertificateOfMembership.hpp
index c6d59397..44d892e7 100644
--- a/node/CertificateOfMembership.hpp
+++ b/node/CertificateOfMembership.hpp
@@ -33,6 +33,16 @@
 #include "Identity.hpp"
 #include "Utils.hpp"
 
+/**
+ * Default window of time for certificate agreement
+ *
+ * Right now we use time for 'revision' so this is the maximum time divergence
+ * between two certs for them to agree. It comes out to three minutes, which
+ * gives a lot of margin for error if the controller hiccups or its clock
+ * drifts but causes de-authorized peers to fall off fast enough.
+ */
+#define ZT_NETWORK_COM_DEFAULT_REVISION_MAX_DELTA (ZT_NETWORK_AUTOCONF_DELAY * 3)
+
 namespace ZeroTier {
 
 /**
-- 
cgit v1.2.3