> Our tinc device tap0 has an MTU of 1500 but it is in a bridge (br-mesh) wich > has an MTU of 1476. Maybe you can have a look at this?
OK, maybe you have a problem with packet fragmentation and you waste a lot of CPU. Try to put the MTU of your tap device to a lower value. Make this test MTU 1280 and add the following rule to your iptables firewall: iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu this will cause new TCP connections to use segments that fit your interface MTU. Note that 1280 is not the optimal value, you can fine tune later if you see you get more speed. Saverio _______________________________________________ tinc mailing list tinc@tinc-vpn.org http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
