Opened 6 years ago
Closed 4 years ago
#1001 closed Bug / Defect (notabug)
Empirical MTU test does not work properly
| Reported by: | mmokrejs | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | Generic / unclassified | Version: | OpenVPN 2.4.4 (Community Ed) |
| Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
| Cc: |
Description
Hi,
it happened to me that on the OpenVPN server there is MTU9000 and clients cannot figure out that properly.
Here is what a client logs:
OpenVPN: NOTE: Empirical MTU test completed [Tried,Actual] local->remote=[1512,1512] remote->local=[1461,1461]
The server logs:
openvpn[1991]: 217.30.65.82:33272 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 9058', remote='link-mtu 1522' openvpn[1991]: 217.30.65.82:33272 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 9000', remote='tun-mtu 1464'
In server's config file is included:
# They were added/tuned based on https://community.openvpn.net/openvpn/wiki/Gigabit_Networks_Linux : tun-mtu 9000 mssfix 0 fragment 0
and I have no way to edit the client's config file (it is a home router). Could the MTU negotiation be made more robust to detect this more properly?
At the moment, connection is established but the VPN tunnel does not practically work. Thank you.
Note: See
TracTickets for help on using
tickets.
MTU test has worked normally
(although maybe not accurately).
--tun-mtuis quite a different beast.Also, the wiki/gigabit_networks article is not something you should do in a production envoronment, it is a specially crafted setup to test what openvpn is possibly capable of.