Opened 4 years ago

Closed 2 years ago

#19 closed Bug / Defect (fixed)

Enhance <connection> profile logic

Reported by: dazo Owned by:
Priority: major Milestone: beta 2.3
Component: Configuration Version: git master branch
Severity: Not set (if unsure, select this one) Keywords:
Cc:

Description

Based on a sf.net bug report: https://sourceforge.net/tracker/index.php?func=detail&aid=2945147&group_id=48978&atid=454720

The <connection> profile logic is not too advanced at the moment, and some configuration options are not allowed inside a <connection> even though it would be beneficial to have them there. Some of these options are even documented that should work inside <connection> blocks, but still doesn't.

Known options which should work but doesn't:
--nobind

Options which should be considered suported:
--auto-proxy, --mssfix, --fragment, --link-mtu, --socket-flags

Some options which needs even more careful considerations
--no-replay, --replay-window, --cipher, --tls-cipher

Those last options should be considered as it might be you need different replay algorithms or cipher algorithms if switching from UDP to TCP via proxy, etc. This might be a useful last-attempt tweak around connection stability and/or performance issues between profiles.

Change History (1)

comment:1 Changed 2 years ago by dazo

  • Milestone set to beta 2.3
  • Resolution set to fixed
  • Status changed from new to closed

Considering this solved for now.

commit 76809cae0eae07817160b423d3f9551df1a1d68e
Author: Jan Just Keijser <janjust@nikhef.nl>
Date:   Tue Feb 7 16:29:47 2012 +0100

    Made some options connection-entry specific
    
    The following options may now be used in a connection block:
    
     fragment
     mssfix
     tun-mtu
     tun-mtu-extra
     link-mtu
     mtu_discover_type
     explicit-exit-notification
    
    In order to support stuff like
    <connection>
      remote host
      proto udp
      fragment
      explicit-exit-notification 3
    </connection>
    <connection>
      remote host
      proto tcp
    </connection>
    
    Signed-off-by: Jan Just Keijser <janjust@nikhef.nl>
    Acked-by: David Sommerseth <davids@redhat.com>
    Signed-off-by: David Sommerseth <davids@redhat.com>

Note: See TracTickets for help on using tickets.