Closed ccaapton closed 9 months ago
Diffie–Hellman key exchange is around 128 bytes.
What you are observing is probably test data. You could try adjusting Cfg::link_test_data_limit to limit the amount of test data or disable it completely. However, this could make your connection unstable when a link is added that hangs right after being established.
It is not about the packet size, but the extra round-trip time needed for the DH handshake. I want to use it for aggregating multiple VPNs across continents, so every RTT counts.
No additional round trips were introduced by Diffie-Hellman; see commit https://github.com/surban/aggligator/commit/c5f644bef0b442608928b971289e0e37163c1290.
Before DH there still was the need to exchange connection and server ids, although unencrypted.
When I was testing agg-tunnel locally, I noticed that even with a very small payload, there are huge underlying packets transmitted (about 8k bytes), which is much more than a TLS handshake. I guess that is for the DH key exchange?
I think the key-exchange process should be made optional, so that in trusted environments the setup speed will be better.