Hi,

I implemented a DTLS server using OpenSSL. (I have a UDP socket and I am using a memory BIO to communicate with OpenSSL.) However, if there is packet loss, the DTLS handshake can take 1-2 seconds, which is a lot in my case.

The normal flow when there is no packet loss (a few milliseconds):

Client Hello ------------------------->
<------------------------- Server Hello
Rest of the handshake ---------->
<---------- Rest of the handshake

The flow I am experiencing (a few seconds):

Client Hello ------------------------->
<-------(lost)----------- Server Hello
Client Hello ------------------------->
Client Hello ------------------------->
Client Hello ------------------------->
<------------------------- Server Hello
Rest of the handshake ---------->
<---------- Rest of the handshake

I can easily reproduce it even in a local environment by directly dropping the first Server Hello. I am curious why the server does not respond to several upcoming Client Hellos. If it answered, the handshake could complete in well below 1 second, but this way it takes 1-2 seconds, until it finally answers again for later Client Hellos.

How could I make the DTLS handshake complete faster? (By enabling an answer for all Client Hellos, for example. Is there a way?)

Thanks in advance and best regards,
nojz