On 08-06-18 17:41, David Sommerseth wrote:
Agreed ... but that's probably with smaller ICMP packets (56 bytes or
so) ...
does that change if going higher than 1300 (the --fragment, in the config) or
1500? .... both outside and inside the tunnel.
One thing you should be aware of is that no matter how you set
--fragment, or whatever OpenVPN deduces automatically, any fragmentation
that OpenVPN may perform will be undone by each and every stateful
firewall in between client and server. Because a stateful firewall will
reassemble fragmented packets before inspection in order to track
connections and related traffic.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
