Opened 3 years ago

Last modified 2 years ago

#909 new Bug / Defect

--mtu-disc yes not supported on Linux

Reported by: harri Owned by:
Priority: major Milestone:
Component: Generic / unclassified Version: OpenVPN 2.4.3 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords: mtu
Cc:

Description

If I set "--mtu-test yes" on Linux, then openvpn ignores the man page and claims

{root@cecil:openvpn (master) 530} /usr/sbin/openvpn --cd /etc/openvpn --config client.conf --mtu-disc yes
Sat Jul  1 15:24:46 2017 OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 30 2017
Sat Jul  1 15:24:46 2017 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.08
Enter Private Key Password: ******
:
Sat Jul  1 15:24:52 2017 --mtu-disc is not supported on this OS
Sat Jul  1 15:24:52 2017 Exiting due to fatal error
{root@cecil:openvpn (master) 531} uname -a
Linux cecil.afaics.de 4.11.8-raw #1 SMP PREEMPT Thu Jun 29 22:46:23 CEST 2017 x86_64 GNU/Linux

Address family is AF_INET.

Change History (8)

comment:1 Changed 3 years ago by tincantech

cc

comment:2 Changed 3 years ago by harri

PS: Of course the title should have been "--mtu-disc yes not supported on Linux", sorry for the typo.

comment:3 Changed 3 years ago by David Sommerseth

Summary: --mtu-test yes not supported on Linux--mtu-disc yes not supported on Linux

I've corrected the title.

comment:4 Changed 3 years ago by Antonio

This is happening because openvpn-2.4 implements some kind of "AF family" socket guessing.
Because of this, the attribute used by the mtu-disc logic to understand if the socket is IPv4 or IPv6 is not set (because it is guessed) when it should be.

As a temporary workaround you can explicitly set the socket to be IPv4 or IPv6 by using udp4 or udp6 as protocol specifier in your client configuration.

Fixing the real problem might require some more time.

comment:5 Changed 3 years ago by harri

Does "mtu-disc no" make sense for IPv6 at all? Maybe this option should be silently ignored for IPv6.

comment:6 Changed 2 years ago by MatejKovacic

Hi,

"As a temporary workaround you can explicitly set the socket to be IPv4 or IPv6 by using udp4 or udp6 as protocol specifier in your client configuration."

How to do that?

comment:7 in reply to:  6 Changed 2 years ago by Antonio

Replying to MatejKovacic:

Hi,

"As a temporary workaround you can explicitly set the socket to be IPv4 or IPv6 by using udp4 or udp6 as protocol specifier in your client configuration."

How to do that?

"by using udp4 or udp6 as protocol specifier in your client configuration."

You have an option "proto" in your config and that can be set to "udp4" or "udp6". You can also have a look at the man if you want a deeper explanation.

comment:8 Changed 2 years ago by MatejKovacic

Thank you.

Anyway, I am using TCP, so should say:

proto tcp4

Note: See TracTickets for help on using tickets.