On Thu, Apr 12, 2018 at 8:18 PM, Charles Wise <ctw...@gmail.com> wrote: > Looks like it's the MTU. I did the -vvvv and --dump and the output > said the MTU should be 1322 (DTLS option X-DTLS-MTU : 1322). When I > enable DTLS and _don't_ set the MTU, I run iperf3 and the traffic > drops to zero almost immediately. When I set it explicitly (-m 1322) > the traffic goes through (plus it's much faster then with --no-dtls).
I'm glad it works, but I'm still confused. 1. If the server says the MTU should be 1322 (via the "X-DTLS-MTU" header), then openconnect (via the vpnc-script) is setting the MTU of the interface to 1322. 2. If you specify `-m 1322` explicitly, openconnect (via the vpnc-script) is also setting the MTU of the interface to 1322. What is happening differently when you specify the MTU explicitly? What do the operating system configuration utilities say that the MTU of the tunnel device is in (1) vs (2)? Dan _______________________________________________ openconnect-devel mailing list firstname.lastname@example.org http://lists.infradead.org/mailman/listinfo/openconnect-devel