RTI Secure WAN Transport
Core Libraries and Utilities
Release Notes
Version 5.0.0
© 2012
All rights reserved.
Printed in U.S.A. First printing.
August 2012.
Trademarks
Copy and Use Restrictions
No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form (including electronic, mechanical, photocopy, and facsimile) without the prior written permission of Real- Time Innovations, Inc. The software described in this document is furnished under and subject to the RTI software license agreement. The software may be used or copied only under the terms of the license agreement.
Technical Support
232 E. Java Drive
Sunnyvale, CA 94089
Phone: |
(408) |
Email: |
support@rti.com |
Website: |
Release Notes
1 Compatibility
RTI® Secure WAN Transport is an optional product for use with RTI Connext™ (formerly, RTI Data Distribution Service).
This release is supported on the architectures listed in Table 1.1.
Table 1.1 Supported Architectures for RTI Secure WAN Transport
|
Operating System |
Compiler |
RTI Architecture |
|
|
Abbreviation |
|||
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|
Red Hat Enterprise Linux 5.0 (2.6 kernel) |
gcc 4.1.1 |
i86Linux2.6gcc4.1.1 |
|
|
|
|
|
|
Linux® |
Ubuntu® Server 10.04 |
gcc 4.4.3 |
i86Linux2.6gcc4.4.3 |
|
|
|
|||
gcc 4.4.3 |
x64Linux2.6gcc4.4.3 |
|||
|
|
|||
|
|
|
|
|
|
Wind River Linux 4 |
gcc 4.4.1 |
x64WRLinux2.6gcc4.4.1 |
|
|
|
|
|
|
QNX |
QNX Neutrino 6.5 |
qcc 4.4.2 with GNU |
i86QNX6.5qcc_gpp4.4.2 |
|
C++ libraries |
||||
|
|
|
||
|
|
|
|
|
Solaris™ |
Solaris 10 |
gcc3.4.2 |
sparcSol2.10gcc3.4.2 |
|
|
|
|
|
|
|
Windows 2003 |
Visual Studio 2005 |
|
|
|
|
|
||
Windows® |
Windows Vista® |
i86Win32VS2005 |
||
SP 1 |
||||
|
|
|
||
|
Windows XP Professional |
|
||
|
|
|
||
|
|
|
|
2What’s New in Release 5.0.0
❏This release provides compatibility with Connext 5.0.0.
❏This release requires OpenSSL 0.9.8x.
❏QNX Neutrino 6.5 and Wind River Linux 4 platforms are now supported.
❏Windows 2000 platforms are no longer supported.
1
Available Documentation
3 Available Documentation
The following documentation is provided with the Connext distribution. (The paths show where the files are located after Connext has been installed in <NDDSHOME>.)
❏Secure WAN Transport Installation Guide
(<NDDSHOME>/doc/pdf/RTI_Secure_WAN_InstallationGuide.pdf, also available for download from RTI’s Customer Portal.)
❏RTI Core Libraries and Utilities User’s Manual (<NDDSHOME>/doc/pdf/ RTI_CoreLibrariesAndUtilities_UsersManual.pdf)
❏Online (HTML) documentation:
Open <NDDSHOME>/ReadMe.html, then select Secure WAN Transport.
❏Example code: <NDDSHOME>/example/<language>/helloWorldWAN.
❏The API Reference Manual, RTI_Secure_WAN_Transport_API.pdf. This is the same as the Online API HTML documentation listed above, except in PDF format.
4Known Issues
❏When communicating over some networks, the WAN and Secure Transport
If problems occur while sending large packets, set the maximum_message_size transport property to the MTU of your network minus 28 bytes for the DTLS header and set up your application according to the Large Data Use Cases “How To” provided in the online (HTML) documentation. For example, for an MTU size of 1500 bytes (for standard Ether- net), set maximum_message_size to 1500 - 28 = 1472.
One instance of this problem for which there is no workaround is the case where the dis- covery packets are larger than your network’s MTU. This could occur if user data, propa- gated properties, or
❏An application using the WAN transport may appear to hang for several minutes if the WAN server is shut down and not restarted before the application tries to contact it, or if the application is unable to communicate with the WAN server.
Two scenarios under which the application tries to contact the STUN server are during shut down and while establishing a connection with the initial peers.
This issue is due to a sequence of synchronous STUN transactions with the STUN server. If you need to run WAN transport without a STUN server, here are some recommenda- tions:
•Decrease the blocking time by decreasing the number of STUN retransmissions. To do so, change the property, stun_number_of_retransmissions. For example, a change from the default of 7 retries to 5 retries will result in a total period of 3.1 seconds per synchronous operation. Note however, that this may impact the ability to reliably set up connections to peers over a WAN.
2
•Decrease the blocking time by using a participant ID limit of zero when configur- ing the initial peer descriptors.
For example, when the peer descriptor wan://::1:10.10.1.150 is specified, DDS will try to contact five participants with the same WAN ID in different ports. Usually there is only one participant using the same WAN ID. Although the other four par- ticipants will never be reachable, the application still tries to establish communica- tion with them by contacting the STUN server.
You can reduce the number of participants to which the application will try to con- tact to one by using a participant ID limit of zero in the peer descriptor. For exam- ple, 0@wan://::1:10.10.1.150.
For additional information on peer descriptors see the Discovery chapter in the RTI Core Libraries and Utilities User’s Manual.
5
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http:// www.openssl.org/).
Copyright (c)
The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1.Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the dis- tribution.
3.All advertising materials mentioning features or use of this software must display the following acknowledgment:
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)
4.The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact
5.Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the OpenSSL Project.
6.Redistributions of any form whatsoever must retain the following acknowledgment:
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)
THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL- ITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH-
3
ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).
4