Problem: mssfix appears to have no effect on client, as reported by
wireshark
===================================
Server is:
- Linux OpenVPN 2.6.x, no dco, udp
- "tun-mtu 1350"; 1350 is the bigget value not causing issues to VOIP app
- not using "fragment 1350" because it would need to be added identical
on both server and client configs, while "tun-mtu" is pushed
automatically to Windows clients which will set MTU on their OpenVPN DCO
interfaces to 1350, so everything is automatic and controllable by the
server.
Client:
- Win11, OpenVPN GUI + 2.7.4 (dco by default)
- pull
- clients receive "tun-mtu" and set it on the OpenVPN interface to 1350,
everything's OK.
=== MSSFIX
I wanted to optimize "mssfix" on the clients.
My understanding is that I should choose between 2 equivalent formats
(given mtu=1350): "mssfix 1310" or "mssfix 1350 mtu"
I tried both, and every time I used wireshark to:
- record traffic on OpenVPN interface on the client
- display filtering: "tcp.flags.syn == 1 && tcp.flags.ack == 0"
- initiate a tcp connection from client to server
- check (on SYN packet) TCP -> options -> TCP Option - Maximum segment
size: 1310 bytes
- OK, as expected
Then I intentionally set on the client mssfix to different values:
"mssfix 1412" "mssfix 1340 mtu" "mssfix 1100" and, to my surprise,
wireshark always shows MSS=1310 on the SYN packet
=== Questions:
1) Is my way of checking mssfix with wireshark correct?
2) Is it expected that Windows (?) will set up MSS based on MTU,
regardless of OpenVPN settings?
3) Is mssfix ignored on Windows clients?
Thanks
_______________________________________________
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users
