From 650cf893ba84522fe2fdd7ac3b261c7e62514e49 Mon Sep 17 00:00:00 2001
From: Thomas Eizinger <thomas@eizinger.io>
Date: Wed, 18 Jun 2025 18:53:26 +0200
Subject: [PATCH] feat(snownet): decrease idle connection ICE timeout (#9570)

Any well-behaved NAT should keep the port mappings of an established UDP
connection open for 120s, even without seeing any traffic. Not all NATs
in the wild are well-behaved though and a discarded port mapping causes
connectivity loss for customers.

To combat these situations, we decrease the timer for STUN probes on
idle connections from 60s to 25s.

Related: #9526
---
 rust/connlib/snownet/src/node.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/rust/connlib/snownet/src/node.rs b/rust/connlib/snownet/src/node.rs
index 00a023e14..cd6bbd587 100644
--- a/rust/connlib/snownet/src/node.rs
+++ b/rust/connlib/snownet/src/node.rs
@@ -2246,8 +2246,8 @@ fn apply_default_stun_timings(agent: &mut IceAgent) {
 
 fn apply_idle_stun_timings(agent: &mut IceAgent) {
     agent.set_max_stun_retransmits(4);
-    agent.set_max_stun_rto(Duration::from_secs(60));
-    agent.set_initial_stun_rto(Duration::from_secs(60));
+    agent.set_max_stun_rto(Duration::from_secs(25));
+    agent.set_initial_stun_rto(Duration::from_secs(25));
 }
 
 /// A session ID is constant for as long as a [`Node`] is operational.
@@ -2291,6 +2291,6 @@ mod tests {
 
         apply_idle_stun_timings(&mut agent);
 
-        assert_eq!(agent.ice_timeout(), Duration::from_secs(240))
+        assert_eq!(agent.ice_timeout(), Duration::from_secs(100))
     }
 }