Hi,

On Mon, Feb 29, 2016 at 11:32:13AM +0800, ????????? wrote:
> Thanks for your kind explanation. Since the outside network is provided
> by an IDC, I cannot investigate much.
> I think you mean the path mtu discovery by referring to the ICMP
> unreachable; this does help to adjust the *outside* TCP mss. However, how
> can openvpn affect the *inner* TCP mss after the outer mss has been
> adjusted? Do I need to turn on some options? Or does openvpn do internal
> fragmentation for the inner TCP packets?

This is TCP, so the size of the inner packets is irrelevant - if it's too
large, it will get split over two outer TCP packets (by the TCP layer).

OpenVPN just stuffs a big chunk of data down the TCP socket, just as a 
web server would - and it's TCP's job to ensure that the resulting packets
are not too large for the network they are traversing.

This is very different when using UDP: since UDP has no concept of
"segment size" and "path MTU", you'd get IP-level fragmentation if the
packets you stuff into the UDP socket are too big - and there are too
many networks and borken NAT routers that cannot deal with fragments,
so --mssfix helps avoid this for the UDP case.

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             g...@greenie.muc.de
fax: +49-89-35655025                        g...@net.informatik.tu-muenchen.de
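
The difference described in the reply above, as an added example that is not part of the original message: a small model of what happens to one oversized tunnel packet on a UDP transport (IPv4 fragmentation) versus a TCP transport (split across segments). It assumes IPv4 and TCP headers without options, and the 1400-byte path MTU and 1450-byte packet are constructed sample values.

```python
# Added illustration. Assumptions: IPv4 without options (20-byte header),
# UDP (8-byte header), TCP without options (20-byte header).
IP_HDR, UDP_HDR, TCP_HDR = 20, 8, 20


def udp_ip_fragments(payload_len, path_mtu):
    """IPv4 fragments needed to carry one UDP datagram.

    Returns (offset_in_8_byte_units, data_len, more_fragments) tuples.
    A single tuple with more_fragments=False means no fragmentation.
    """
    room = path_mtu - IP_HDR               # IP payload bytes per packet
    if room < 8:
        raise ValueError("path MTU too small")
    total = UDP_HDR + payload_len          # UDP header rides in fragment 0
    if total <= room:
        return [(0, total, False)]
    # Every fragment except the last must carry a multiple of 8 bytes.
    per_frag = room // 8 * 8
    frags, offset = [], 0
    while offset < total:
        size = min(per_frag, total - offset)
        frags.append((offset // 8, size, offset + size < total))
        offset += size
    return frags


def tcp_segments(stream_len, path_mtu):
    """Payload sizes of the TCP segments carrying stream_len bytes.

    The sender never exceeds the MSS for the path, so no IP fragments.
    """
    mss = path_mtu - IP_HDR - TCP_HDR
    if mss <= 0:
        raise ValueError("path MTU too small")
    full, rest = divmod(stream_len, mss)
    return [mss] * full + ([rest] if rest else [])


def max_unfragmented_udp_payload(path_mtu):
    """Largest UDP payload that still fits in a single IPv4 packet."""
    return path_mtu - IP_HDR - UDP_HDR


if __name__ == "__main__":
    mtu, pkt = 1400, 1450                  # constructed sample values
    print("UDP transport:", udp_ip_fragments(pkt, mtu))
    print("TCP transport:", tcp_segments(pkt, mtu))
    print("UDP payload limit:", max_unfragmented_udp_payload(mtu))
```

On the UDP path, losing either fragment at a NAT router or filter loses the whole datagram; on the TCP path each segment is an ordinary, unfragmented packet.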

