# dd if=/dev/zero count=1 bs=7000 | nc -nuvvv -w1 1.1.5.5 284
over tunnel:
11:09:20.930621 > 0800 1468: IP (tos 0x0, ttl 64, id 46021, offset 0, flags
[+], length: 1452) 1.1.5.6.1025 > 1.1.5.5.284: [bad udp cksum c815!] UDP,
length: 7000
11:09:20.930657 > 0800 1468: IP (tos 0x0, ttl 64, id 460
> Or maybe I'm mistaken and I shall set --link-mtu not to the value
> reported by 'ip a l dev eth0' (i.e. max IP packet size), but
> to the max *UDP* packet size? 1500-28=1472, then. Not every user
> knows IP overhead size. I don't. I looked at tcpdump to figure out.
"Double frag" bug does not hap
Beta2 has a new feature where you can run the OpenVPN server on multiple
machines, and then give clients a DNS name which maps to multiple IP
addresses. The client will choose one of the IPs randomly. If there's a
ping-restart event, the client will restart and use a different IP from the
list.
Denis,
There are two ways of setting the MTU in OpenVPN, one is to use --tun-mtu
which doesn't include any encapsulation overhead, the other is to use
--link-mtu which sets the maximum encrypted UDP datagram size sent between
OpenVPN daemons after encapsulation.
2.0 takes a different approach to