From c8a4a2081858cdabd9971dbe3fd3fa484efa5361 Mon Sep 17 00:00:00 2001
From: Thomas Eizinger <thomas@eizinger.io>
Date: Thu, 19 Jun 2025 00:16:32 +0200
Subject: [PATCH] feat(snownet): increase ICE timeout (#9569)

Some of our users are facing issues on what looks to be very unreliable
network connections. At present, we consider a connection dead if we
don't receive a response within 9.25 seconds. Cutting a connection and
re-establishing it _should_ not be a problem in general and TCP
connections happening through Firezone should resume gracefully. Further
work on whether that is actually the case is due in #9531. Until then,
we increase the ICE timeout to ~15s.

Related: #9526
---
 rust/connlib/snownet/src/node.rs     | 4 ++--
 rust/connlib/tunnel/src/tests/sut.rs | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/rust/connlib/snownet/src/node.rs b/rust/connlib/snownet/src/node.rs
index cd6bbd587..3a897fe02 100644
--- a/rust/connlib/snownet/src/node.rs
+++ b/rust/connlib/snownet/src/node.rs
@@ -2239,7 +2239,7 @@ fn new_agent() -> IceAgent {
 }
 
 fn apply_default_stun_timings(agent: &mut IceAgent) {
-    agent.set_max_stun_retransmits(8);
+    agent.set_max_stun_retransmits(12);
     agent.set_max_stun_rto(Duration::from_millis(1500));
     agent.set_initial_stun_rto(Duration::from_millis(250))
 }
@@ -2282,7 +2282,7 @@ mod tests {
 
         apply_default_stun_timings(&mut agent);
 
-        assert_eq!(agent.ice_timeout(), Duration::from_millis(9250))
+        assert_eq!(agent.ice_timeout(), Duration::from_millis(15250))
     }
 
     #[test]
diff --git a/rust/connlib/tunnel/src/tests/sut.rs b/rust/connlib/tunnel/src/tests/sut.rs
index d3ab1eddd..4047d5261 100644
--- a/rust/connlib/tunnel/src/tests/sut.rs
+++ b/rust/connlib/tunnel/src/tests/sut.rs
@@ -382,9 +382,9 @@ impl TunnelTest {
     ///
     /// Consequently, this function needs to loop until no host can make progress at which point we consider the [`Transition`] complete.
     ///
-    /// At most, we will spend 10s of "simulation time" advancing the state.
+    /// At most, we will spend 20s of "simulation time" advancing the state.
     fn advance(&mut self, ref_state: &ReferenceState, buffered_transmits: &mut BufferedTransmits) {
-        let cut_off = self.flux_capacitor.now::<Instant>() + Duration::from_secs(10);
+        let cut_off = self.flux_capacitor.now::<Instant>() + Duration::from_secs(20);
 
         'outer: while self.flux_capacitor.now::<Instant>() < cut_off {
             let now = self.flux_capacitor.now();