Acked-by: Gert Doering <g...@greenie.muc.de> Stared-at-code, discussed on IRC, and dropped "Changes.rst" entry, as user-visible behaviour is no longer changed (no default-MTU change).
Tested on the server testbed, having one instance do "tun-mtu 1400 1500" now, and depending on client version, have it push MTU or not. The OCC lying feature works - tried "max-mtu 1400 1490" and got WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1490', remote='tun-mtu 1500' .. we need to do something about OCC and link-mtu, though... WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1442', remote='link-mtu 1545' (outside of this patch, but annoying) Also tested with "--tun-mtu 2000 1500", to trigger the "client cannot handle this" message... works. Well, sort of - the server still sends a too-big MTU... 194.97.140.21:50362 peer info: IV_MTU=1800 cron2-freebsd-tc-amd64/194.97.140.21:50362 Warning: reported maximum MTU from client (1800) is lower than MTU used on the server (2000). Add tun-max-mtu 2000 to client configuration. cron2-freebsd-tc-amd64/194.97.140.21:50362 SENT CONTROL [cron2-freebsd-tc-amd64]: 'PUSH_REPLY,... cc-exit tls-ekm,tun-mtu 2000' (status=1) .. but the client ignores this... OPTIONS IMPORT: tun-mtu set to 2000 Server-pushed tun-mtu is too large, please add tun-mtu-max 2000 in the client configuration .. and configures 1800 (configured --max-tun-mtu on the client). tcpdump confirms that pings *inside* the tunnel go up to 1800 without fragmentation... 13:29:57.041939 IP 10.204.2.6 > 10.204.0.1: ICMP echo request, id 49729, seq 31, length 1780 13:29:57.042693 IP 10.204.0.1 > 10.204.2.6: ICMP echo reply, id 49729, seq 31, length 1780 .. but if I go larger ("ping -s 2000") the MTU mismatch "server 2000, client 1800" strikes, and I get 2022-11-14 13:30:13 tun packet too large on write (tried=1996,max=1968) (--tun-mtu-max 2000 on the client will fix this). This is expected - there is some headroom, but not "200 bytes". So when going large-mtu, ensure your client configs are matching. Your patch has been applied to the master branch. commit 761575cb7b49e94f361c6aaf4bb43d7c7baa5b38 Author: Arne Schwabe Date: Wed Nov 9 16:48:10 2022 +0100 Push server mtu to client when supported and support occ mtu Signed-off-by: Arne Schwabe <a...@rfc2549.org> Acked-by: Gert Doering <g...@greenie.muc.de> Message-Id: <20221109154810.1268403-2-a...@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25499.html Signed-off-by: Gert Doering <g...@greenie.muc.de> -- kind regards, Gert Doering _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel