9912c673bf
much of our tunnel failure detection code itself uses tunnels - send out tunnel 1 and get the reply through tunnel 2. If it fails, which one "broke"? * we now add a failure mark to both in all situations, including during tunnel creation * properly check the tunnel expiration 2-2.5 minutes prior to completion, rather than the old 0.5-1.5 minutes.