diff --git a/Makefile b/Makefile
index 8f7e048..af6e51e 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-VERSION := 0.9.7
+VERSION := 0.9.8
 .PHONY: lint vis clean common client server passwd\
  subpkgs install uninstall reinstall scc
  
diff --git a/xsnet/consts.go b/xsnet/consts.go
index 87015b3..5c03c15 100644
--- a/xsnet/consts.go
+++ b/xsnet/consts.go
@@ -136,5 +136,7 @@ type CSHmacAlg uint32
 // Some bounds-checking consts
 const (
 	REKEY_SECS_MIN       = 1
+	REKEY_SECS_MAX       = 28800  // 8 hours
 	CHAFF_FREQ_MSECS_MIN = 1
+	CHAFF_FREQ_MSECS_MAX = 300000 // 5 minutes
 )
diff --git a/xsnet/net.go b/xsnet/net.go
index f200c63..0a576ab 100644
--- a/xsnet/net.go
+++ b/xsnet/net.go
@@ -1600,6 +1600,16 @@ func (hc *Conn) ShutdownChaff() {
 }
 
 func (hc *Conn) SetupChaff(msecsMin uint, msecsMax uint, szMax uint) {
+	// Enforce bounds on chaff frequency and pkt size
+	hc.Lock()
+	if hc.chaff.msecsMin < CHAFF_FREQ_MSECS_MIN {
+		hc.chaff.msecsMin = CHAFF_FREQ_MSECS_MIN
+	}
+	if hc.chaff.msecsMax > CHAFF_FREQ_MSECS_MAX {
+		hc.chaff.msecsMax = CHAFF_FREQ_MSECS_MAX
+	}
+	hc.Unlock()
+
 	hc.chaff.msecsMin = msecsMin //move these to params of chaffHelper() ?
 	hc.chaff.msecsMax = msecsMax
 	hc.chaff.szMax = szMax
@@ -1615,6 +1625,9 @@ func (hc *Conn) RekeyHelper(intervalSecs uint) {
 	if intervalSecs < REKEY_SECS_MIN {
 		intervalSecs = REKEY_SECS_MIN
 	}
+	if intervalSecs > REKEY_SECS_MAX {
+		intervalSecs = REKEY_SECS_MAX
+	}
 
 	go func() {
 		hc.Lock()
@@ -1625,7 +1638,14 @@ func (hc *Conn) RekeyHelper(intervalSecs uint) {
 			hc.Lock()
 			rekey := hc.rekey
 			hc.Unlock()
+
 			if rekey != 0 {
+				jitter := rand.Intn(int(rekey)) / 4
+				rekey = rekey - uint(jitter)
+				if rekey < 1 {
+					rekey = 1
+				}
+
 				//logger.LogDebug(fmt.Sprintf("[rekeyHelper Loop]\n"))
 				time.Sleep(time.Duration(rekey) * time.Second)
 
@@ -1656,13 +1676,6 @@ func (hc *Conn) RekeyHelper(intervalSecs uint) {
 
 // Helper routine to spawn a chaffing goroutine for each Conn
 func (hc *Conn) chaffHelper() {
-	// Enforce bounds on chaff frequency and pkt size
-	hc.Lock()
-	if hc.chaff.msecsMin < CHAFF_FREQ_MSECS_MIN {
-		hc.chaff.msecsMin = CHAFF_FREQ_MSECS_MIN
-	}
-	hc.Unlock()
-
 	go func() {
 		var nextDuration int
 		for {