Document relationship between ephemeral peer MTU fixes

2 files changed, 8 insertions, 0 deletions

diff --git a/talpid-tunnel-config-client/src/socket.rs b/talpid-tunnel-config-client/src/socket.rs
index 478e757445..f7e48a6f8f 100644
--- a/talpid-tunnel-config-client/src/socket.rs
+++ b/talpid-tunnel-config-client/src/socket.rs
@@ -1,5 +1,10 @@
 //! A TCP stream with a low MSS set. This prevents incorrectly configured MTU from causing
 //! fragmentation/packet loss. This is only supported on non-Windows targets.
+//!
+//! On windows this solution does not work. So on Windows we instead temporarily lower the MTU
+//! while negotiating the ephemeral peer. This code lives in `talpid-wireguard/src/ephemeral.rs`
+//! These two solutions to the same problem should probably be refactored to end up closer
+//! to each other.
 
 use std::io;
 use std::net::SocketAddr;
diff --git a/talpid-wireguard/src/ephemeral.rs b/talpid-wireguard/src/ephemeral.rs
index b00babf781..5440a142f6 100644
--- a/talpid-wireguard/src/ephemeral.rs
+++ b/talpid-wireguard/src/ephemeral.rs
@@ -34,6 +34,9 @@ pub async fn config_ephemeral_peers(
         tunnel.get_interface_name()
     };
 
+    // Lower the MTU in order to make the ephemeral peer handshake work more reliably.
+    // On unix based operating systems this is done by setting the MSS directly on the
+    // TCP socket. But that solution does not work on Windows, so we do this MTU hack instead.
     log::trace!("Temporarily lowering tunnel MTU before ephemeral peer config");
     try_set_ipv4_mtu(&iface_name, talpid_tunnel::MIN_IPV4_MTU);