Opened 2 years ago

Closed 6 months ago

#1001 closed Bug / Defect (notabug)

Empirical MTU test does not work properly

Reported by: mmokrejs Owned by:
Priority: major Milestone:
Component: Generic / unclassified Version: OpenVPN 2.4.4 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

Hi,

it happened to me that on the OpenVPN server there is MTU9000 and clients cannot figure out that properly.

Here is what a client logs:

OpenVPN: NOTE: Empirical MTU test completed [Tried,Actual] local->remote=[1512,1512] remote->local=[1461,1461]

The server logs:

openvpn[1991]: 217.30.65.82:33272 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 9058', remote='link-mtu 1522'
openvpn[1991]: 217.30.65.82:33272 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 9000', remote='tun-mtu 1464'

In server's config file is included:

# They were added/tuned based on https://community.openvpn.net/openvpn/wiki/Gigabit_Networks_Linux :
tun-mtu 9000
mssfix 0
fragment 0

and I have no way to edit the client's config file (it is a home router). Could the MTU negotiation be made more robust to detect this more properly?

At the moment, connection is established but the VPN tunnel does not practically work. Thank you.

Change History (1)

comment:1 Changed 6 months ago by tincantech

Resolution: notabug
Status: newclosed

MTU test has worked normally
(although maybe not accurately).
--tun-mtu is quite a different beast.

Also, the wiki/gigabit_networks article is not something you should do in a production envoronment, it is a specially crafted setup to test what openvpn is possibly capable of.

Note: See TracTickets for help on using tickets.